44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b[.]exe

General

Target

44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b.exe
Size

1.7MB
MD5

31b9b21a2d6867856f8d91068eceb706
SHA1

d1b3418bd7ea2e581ef06246ffa5c8753e598540
SHA256

44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b
SHA512

63b6f7affca37869326f3ed3591be45a005dda9f86d4bb20d61c9f90097573d188d75ff9f8c0b5673319878af1c8d3bd5cbe7b086116461ebbbd451932286fdc
SSDEEP

24576:G1I+dAYANzGv4ZG6G6uH9tzcRkOVA1E549tuET/Gq5IXaQ/RZMv6XU5lirTQXkrg:GGy4J4t6M7iku0VKXamE5lmTYksxgrV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b.exe

Files

44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b.exe
.dll regsvr32 windows:6 windows x64 arch:x64

833168a011abe3b7dd3b2c6929554c42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetLastError
GetCurrentDirectoryA
CreateActCtxA
ActivateActCtx
DeactivateActCtx
GetFileAttributesA
FindFirstFileA
FindNextFileA
SetFileAttributesA
ReleaseActCtx
GetCurrentThread
VirtualAlloc
GetCurrentProcess
DuplicateHandle
CreateMutexA
ReleaseMutex
WideCharToMultiByte
GetSystemTime

Exports

Exports

DllRegisterServer
FbGIN678

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 839KB - Virtual size: 838KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 810KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

833168a011abe3b7dd3b2c6929554c42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.rotext Size: 48KB - Virtual size: 48KB

.rdata Size: 839KB - Virtual size: 838KB

.data Size: 810KB - Virtual size: 812KB

.pdata Size: 1024B - Virtual size: 792B

.rodata Size: 512B - Virtual size: 248B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 30KB - Virtual size: 29KB

.rotext
Size: 48KB - Virtual size: 48KB

.rdata
Size: 839KB - Virtual size: 838KB

.data
Size: 810KB - Virtual size: 812KB

.pdata
Size: 1024B - Virtual size: 792B

.rodata
Size: 512B - Virtual size: 248B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B