39f609e59d6bbb9e705ae430de6eb6e92cee2e722d74f4369cc6ff7c601809a7[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

39f609e59d6bbb9e705ae430de6eb6e92cee2e722d74f4369cc6ff7c601809a7.exe
Size

3.0MB
MD5

0bbcf2a86a4f752d216029682ccc0616
SHA1

4016ec20c14c11d597b0f023e2ba3f865037a551
SHA256

39f609e59d6bbb9e705ae430de6eb6e92cee2e722d74f4369cc6ff7c601809a7
SHA512

e35495e3a8ed1b875ff7543501ef98f2ecd95f8422cd23187e2153ed1cef66498eadcfb5c4b418fafd696198d5f1763d433945dd5c160a5e617291757ea39319
SSDEEP

49152:8R5rI3FRrQ2JTqyg+0uh4GShaPYHS5aDfJ8AHDPmoy7vKOsXPaaUJ:8RVI3FpQqTqyg+0ux1MfJzHDOoy7vKTG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f609e59d6bbb9e705ae430de6eb6e92cee2e722d74f4369cc6ff7c601809a7.exe

Files

39f609e59d6bbb9e705ae430de6eb6e92cee2e722d74f4369cc6ff7c601809a7.exe
.dll regsvr32 windows:6 windows x64 arch:x64

7e6132f4486713a256e26742ed9b4341

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetLastError
CreateThread
SuspendThread
OpenThread
GetFileAttributesA
FindFirstFileA
FindNextFileA
GetModuleHandleA
GetCurrentProcessId
GetWindowsDirectoryA
CreateNamedPipeA
ConnectNamedPipe
DisconnectNamedPipe
VirtualAlloc
GetCurrentProcess
CreateMutexA
OpenMutexA
ReleaseMutex
HeapFree
GetModuleHandleW
GetProcAddress
HeapAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
SetLastError
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
RtlUnwindEx

Exports

Exports

BsFIy52i
DllRegisterServer
FVHB61426r
HkaQGiJh
ZGH02

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e6132f4486713a256e26742ed9b4341

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 1.4MB - Virtual size: 1.4MB

.pdata Size: 1KB - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 12B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 1.4MB - Virtual size: 1.4MB

.pdata
Size: 1KB - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 12B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB