21980ef35dee23086acef389e6ce648d8ff396da56b7482b5bc8774120c74b6c[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

21980ef35dee23086acef389e6ce648d8ff396da56b7482b5bc8774120c74b6c.exe
Size

724KB
MD5

755eb0def2568d37a1d149b3018bdcce
SHA1

e69c1d12dc3d2aa730aa8a9d94757c73777bd54d
SHA256

21980ef35dee23086acef389e6ce648d8ff396da56b7482b5bc8774120c74b6c
SHA512

2ef40d5038c63489149fde266db0e1d440f45a4e8056353ef7e4a70c8df65917a782ceb139955af8cd814704b29c58e548c47c3e521b872fe8e62301d54301ec
SSDEEP

12288:KO3+ivi0RNOR/5DH2InMtdhtvX2tvJljUWcJxm/Osj3lx7l6X0k97L4HAF3itk:7vdvOZ9H2+Mt7tvX2tvJljT/mi1xJ6tX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21980ef35dee23086acef389e6ce648d8ff396da56b7482b5bc8774120c74b6c.exe

Files

21980ef35dee23086acef389e6ce648d8ff396da56b7482b5bc8774120c74b6c.exe
.dll windows:5 windows x64 arch:x64

707bf4d4a84f26baafe3009c556f426e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

[email protected]

Imports

advapi32

LookupAccountNameA
GetUserNameA
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
GetCurrentHwProfileW

wininet

GetUrlCacheEntryInfoW
GetUrlCacheEntryInfoA

gdi32

ExtCreatePen
GetBrushOrgEx
GetObjectW
GetViewportExtEx
GetClipBox
GetObjectA
FillRgn

secur32

GetUserNameExW

user32

IsWindowEnabled
DrawFrameControl
FindWindowExA
GetSysColorBrush

urlmon

GetClassFileOrMime

winspool.drv

DeletePrinterDriverExW

kernel32

LoadLibraryA
GetNLSVersion
GetLastError
FreeEnvironmentStringsW
DeleteVolumeMountPointW
GetSystemWindowsDirectoryW
FindAtomW
GetEnvironmentStringsW
Module32NextW
EnumSystemCodePagesW
FindFirstChangeNotificationW
GetThreadLocale
GetConsoleTitleW

Exports

Exports

SLClose
SLConsumeRight
SLConsumeWindowsRight
SLDepositOfflineConfirmationId
SLFireEvent
SLGenerateOfflineInstallationId
SLGetApplicationInformation
SLGetGenuineInformation
SLGetInstalledProductKeyIds
SLGetInstalledSAMLicenseApplications
SLGetLicense
SLGetLicenseFileId
SLGetLicenseInformation
SLGetLicensingStatusInformation
SLGetPKeyId
SLGetPKeyInformation
SLGetPolicyInformation
SLGetPolicyInformationDWORD
SLGetProductSkuInformation
SLGetSAMLicense
SLGetSLIDList
SLGetServiceInformation
SLGetWindowsInformation
SLGetWindowsInformationDWORD
SLInstallLicense
SLInstallProofOfPurchase
SLInstallSAMLicense
SLIsWindowsGenuineLocal
SLOpen
SLReArmWindows
SLRegisterEvent
SLRegisterWindowsEvent
SLSetCurrentProductKey
SLSetGenuineInformation
SLUninstallLicense
SLUninstallProofOfPurchase
SLUninstallSAMLicense
SLUnregisterEvent
SLUnregisterWindowsEvent
SLpCheckProductKey
SLpGetGenuineLocal
SLpUpdateComponentTokens

Sections

.text
Size: 608KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

707bf4d4a84f26baafe3009c556f426e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

wininet

gdi32

secur32

user32

urlmon

winspool.drv

kernel32

Exports

Exports

Sections

.text Size: 608KB - Virtual size: 607KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 57KB

.pdata Size: 4KB - Virtual size: 336B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

Size: 28KB - Virtual size: 27KB

Size: 4KB - Virtual size: 1KB

Size: 4KB - Virtual size: 1KB

.text
Size: 608KB - Virtual size: 607KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 57KB

.pdata
Size: 4KB - Virtual size: 336B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB