b3d32ed0a3fdd776ba9f3dfcbd7e11cffaebe4ff879b9610c75c331fa4e78225[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b3d32ed0a3fdd776ba9f3dfcbd7e11cffaebe4ff879b9610c75c331fa4e78225.exe
Size

219KB
MD5

2ffd7895fec9b13e5926be2b55d035b9
SHA1

dc3182698e5878513677dca541016c32e74f37a8
SHA256

b3d32ed0a3fdd776ba9f3dfcbd7e11cffaebe4ff879b9610c75c331fa4e78225
SHA512

ee566d87997374a58cc26425d7fa4643380eb17ff02ea880cb1c4e84f0700c0aeaf61ced9f0ac9551ac646367dc73a9686abba4362405593469abce5cefed909
SSDEEP

3072:hrHIQm9TOcx4AGPmQ2OvWRNqxDJMIeALuIcY3bCl2OVdRUXqHy5kVw+HM:ZHUMPOyJveAao3afQ2VxHM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3d32ed0a3fdd776ba9f3dfcbd7e11cffaebe4ff879b9610c75c331fa4e78225.exe

Files

b3d32ed0a3fdd776ba9f3dfcbd7e11cffaebe4ff879b9610c75c331fa4e78225.exe
.exe windows:5 windows x86 arch:x86

22af25ade079dc53a69f7ebb2b0d578a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
SetDefaultCommConfigA
CreateMutexW
SetPriorityClass
SetFilePointer
lstrlenA
WritePrivateProfileStructA
_llseek
BuildCommDCBAndTimeoutsA
CallNamedPipeA
WriteTapemark
SetEnvironmentVariableW
CreateJobObjectW
GetNamedPipeHandleStateA
SetComputerNameW
OpenSemaphoreA
FreeEnvironmentStringsA
SetTapeParameters
GetProcessPriorityBoost
WriteFile
ActivateActCtx
LoadLibraryW
TerminateThread
Sleep
GetPrivateProfileStructW
SetSystemTimeAdjustment
GetConsoleWindow
DeleteVolumeMountPointW
GetBinaryTypeA
SetSystemPowerState
IsDBCSLeadByte
GetOverlappedResult
GetACP
DosDateTimeToFileTime
FindNextVolumeMountPointW
SetThreadPriority
RaiseException
DeactivateActCtx
InterlockedExchange
GetCurrentDirectoryW
GetProcAddress
GetTapeStatus
BeginUpdateResourceW
CopyFileA
GetConsoleDisplayMode
EnterCriticalSection
LoadLibraryA
LocalAlloc
BuildCommDCBAndTimeoutsW
IsSystemResumeAutomatic
SetConsoleDisplayMode
AddAtomW
SetCurrentDirectoryW
SetFileApisToANSI
PostQueuedCompletionStatus
GetTapeParameters
WaitForMultipleObjects
CreateIoCompletionPort
GetCommTimeouts
EnumResourceNamesA
EnumDateFormatsW
_lopen
GetVersionExA
LocalSize
CopyFileExA
lstrcpyA
lstrlenW
FileTimeToDosDateTime
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetLastError
MoveFileA
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
GetModuleHandleA

advapi32

ClearEventLogW

winhttp

WinHttpCloseHandle

Exports

Exports

_enough@4
_futurama@4
_hellgate@4
_hiduk@8
_husaberg@4
_lifan@8

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 39.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jot
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.muneme
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22af25ade079dc53a69f7ebb2b0d578a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winhttp

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 39.4MB

.jot Size: 1024B - Virtual size: 4KB

.muneme Size: 512B - Virtual size: 74B

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 39.4MB

.jot
Size: 1024B - Virtual size: 4KB

.muneme
Size: 512B - Virtual size: 74B

.rsrc
Size: 41KB - Virtual size: 41KB