d159f7955be9a54ad6e18e97722d36adb79d8ab941b45e633fba9e70fc661de8[.]exe | Triage

Sharing

General

Target

d159f7955be9a54ad6e18e97722d36adb79d8ab941b45e633fba9e70fc661de8.exe
Size

9.9MB
MD5

3e51f02a6b0b29089507be83076223dd
SHA1

1336ea68db461623045f0ff4af172f06bd27e545
SHA256

d159f7955be9a54ad6e18e97722d36adb79d8ab941b45e633fba9e70fc661de8
SHA512

c6cee30fdddabf837ab4bead7f6568c4e9f6e63d8e25ddcab6ef5e8277dc3135d7299cdc418862b99976d151e39f6cdc5810210450fb22594cc6deebb23adf5d
SSDEEP

98304:heqnYbC0VlCReJCtQIyABJPk0jCXbCX/8JtiuaI+K4yIsT1GMJGStPalYm:hsC0VzCt6oPRgnJtHaFpyrLR2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d159f7955be9a54ad6e18e97722d36adb79d8ab941b45e633fba9e70fc661de8.exe

Files

d159f7955be9a54ad6e18e97722d36adb79d8ab941b45e633fba9e70fc661de8.exe
.exe windows:6 windows x64 arch:x64

9558d19f2351e21d0d747c0bc7f39f15

Headers

File Characteristics

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetDlgItemTextA
MessageBoxExA

kernel32

GetTokenInformation
VirtualAlloc
SwitchToThread

ws2_32

WSAConnect

crypt32

CryptBinaryToStringW
CryptBinaryToStringW

wininet

InternetConnectA
InternetConnect
InternetConnectA
InternetConnectW
InternetConnect

winhttp

WinHttpConnect
WinHttpConnect
WinHttpConnect

advapi32

ChangeServiceConfig2A

msvcrt

rand
rand
rand

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strtab
Size: 1024B - Virtual size: 526B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE