6ad66834a901cbc7b1cb0c7d7a46e7f17b9f5c8c5f49332c8fb75c2cc30f6eb8

Sharing

Copy URL Twitter E-mail

General

Target

6ad66834a901cbc7b1cb0c7d7a46e7f17b9f5c8c5f49332c8fb75c2cc30f6eb8
Size

240KB
MD5

54adf0b14aad84f0c19b60954b3c2e95
SHA1

e9a976950fa18ce71806d75682849f494094941f
SHA256

6ad66834a901cbc7b1cb0c7d7a46e7f17b9f5c8c5f49332c8fb75c2cc30f6eb8
SHA512

5a39ac2ca78c9d1c0572ce6a42a96ba4e00b1f8aa24ab03465275edd30b23293829193da2c601c30af89c7a01ac634a29395b6affc897a8eb229fdf98df5b8c7
SSDEEP

6144:rzx780E3sBRR/86MqpGFYysogWshy0m9sncw7:r1m2RvNYFN8xhyP9sncw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ad66834a901cbc7b1cb0c7d7a46e7f17b9f5c8c5f49332c8fb75c2cc30f6eb8

Files

6ad66834a901cbc7b1cb0c7d7a46e7f17b9f5c8c5f49332c8fb75c2cc30f6eb8
.dll windows x86

0ebd8dc6b0c538fb38cc331419d818a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
GetACP
HeapSize
TerminateProcess
ExitProcess
RaiseException
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
GlobalReAlloc
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
lstrcmpA
GlobalFree
GlobalAlloc
LocalFree
GlobalLock
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
GetTickCount
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GlobalUnlock
LCMapStringW

user32

LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
PostQuitMessage
UnregisterClassA
GetClassNameA
GetSysColorBrush
DestroyMenu
LoadStringA
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
ShowWindow
SetWindowTextA
LoadIconA
PostMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
GetMenuState
GetTopWindow
MessageBoxA
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetKeyState
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
KillTimer
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
CopyRect
GetSystemMetrics
SetWindowPos
IsWindow
IsWindowVisible
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
WindowFromPoint
LoadCursorA
ReleaseDC
GetClientRect
GetDC
GetSysColor
SetWindowLongA
ScreenToClient
IsWindowEnabled
SetTimer
GetCursorPos
SetRect
IsRectEmpty
PtInRect
SendMessageA
ModifyMenuA
SetMenuItemBitmaps
EnableWindow
InvalidateRect
GetWindowLongA

gdi32

SelectObject
DeleteObject
FillRgn
CombineRgn
CreateRectRgn
CreateEllipticRgn
Pie
Arc
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetBrushOrgEx
MoveToEx
LineTo
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
StretchBlt
Polygon
CreatePen
CreateSolidBrush
Rectangle
GetTextColor
GetCurrentObject
GetObjectA
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetWindowExtEx
LPtoDP
DPtoLP
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ord17

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ebd8dc6b0c538fb38cc331419d818a6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

comctl32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 24KB - Virtual size: 85KB

.rsrc Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 24KB - Virtual size: 85KB

.rsrc
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 18KB