6f4061c1f5ccc42a6b61afa479a0a6b24752ad156913a98a0c80668cbb27a57e

Sharing

Copy URL Twitter E-mail

General

Target

6f4061c1f5ccc42a6b61afa479a0a6b24752ad156913a98a0c80668cbb27a57e
Size

927KB
MD5

c21c282df8e4d6fa00baf2241d098596
SHA1

a11fdb4933f13e4c498a7cb3f67453801984f198
SHA256

6f4061c1f5ccc42a6b61afa479a0a6b24752ad156913a98a0c80668cbb27a57e
SHA512

2796af7181baa5f210086ae04b8e328efd2d75a302846dceb6c1faab4de2c3fca74ca8fd8b43fb6d0a68ec51ff2d80452e76a601fe8399e1d94b31c328c05c02
SSDEEP

12288:fDr83dt/7i7p/JHTglGIeboGH3M1xP6WiVrO0aJ5u4Nqs76ve7I+LM:7rKf/2t/JzglG93brfo5B/76v97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4061c1f5ccc42a6b61afa479a0a6b24752ad156913a98a0c80668cbb27a57e

Files

6f4061c1f5ccc42a6b61afa479a0a6b24752ad156913a98a0c80668cbb27a57e
.exe windows x86

6e108a3b042c703744f759b54141f5d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetACP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
VirtualFree
GetProcessHeap
HeapCreate
HeapSize
ExitProcess
InterlockedDecrement
HeapReAlloc
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
GetCurrentDirectoryA
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetModuleFileNameW
GetModuleHandleW
GetDiskFreeSpaceA
GetTempFileNameA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrcmpiA
GetPrivateProfileStringA
GetModuleFileNameA
Sleep
LockResource
SizeofResource
LoadResource
FindResourceA
GetLastError
WideCharToMultiByte
CreateThread
MultiByteToWideChar
lstrlenA
LeaveCriticalSection
EnterCriticalSection
CloseHandle
InitializeCriticalSectionAndSpinCount

user32

CopyAcceleratorTableA
CharNextA
PostThreadMessageA
DeleteMenu
GetMenuItemInfoA
GetSysColorBrush
DestroyCursor
SetRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
InflateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
KillTimer
SetWindowRgn
DrawIcon
IsRectEmpty
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
CharUpperA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
InvalidateRgn
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
PostMessageA
CreateWindowExA
EnableWindow
SendMessageA
GetWindowRect
GetDC
ReleaseDC
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetNextDlgGroupItem
DestroyIcon
CreateMenu
GetMenu
GetWindowLongA
UnregisterClassA
GetTabbedTextExtentA
GetClientRect
InvalidateRect
MessageBoxA
MessageBeep
GetCapture
GetCursorPos
ScreenToClient
WindowFromPoint
PtInRect
SetCursor
LoadCursorA
ReleaseCapture
SetCapture
SetTimer
FillRect
DrawTextA
DrawFocusRect
GetFocus
GetMessagePos
GetKeyState
GetSystemMetrics
UpdateWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
IsChild
SetFocus
IsWindow
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
PostQuitMessage

gdi32

GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
CreateEllipticRgn
DPtoLP
LPtoDP
CreateFontIndirectA
GetMapMode
GetTextMetricsA
GetTextExtentPoint32A
ScaleWindowExtEx
CreateFontA
StretchDIBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
GetCharWidthA
GetObjectA
SetTextAlign
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetPolyFillMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetBkColor
GetClipBox
CreateDCA
GetDeviceCaps
SelectObject
DeleteDC
SetBkMode
SetTextColor
Ellipse
LineTo
MoveToEx
GetStockObject
SetROP2
TextOutA
CreatePen
Rectangle
CreateSolidBrush
CreateCompatibleBitmap
DeleteObject
BitBlt
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueA

shell32

ExtractIconA
SHGetFileInfoA
DragFinish
DragQueryFileA

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameA
PathRemoveFileSpecA
PathStripToRootA

oledlg

ord8

ole32

OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
OleRun
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoUninitialize
OleDestroyMenuDescriptor

oleaut32

SysFreeString
SysAllocStringByteLen
SysAllocString
VariantInit
VariantCopy
VariantClear
SysStringLen
VariantChangeType
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect

gdiplus

GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusShutdown

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tc
Size: 246KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e108a3b042c703744f759b54141f5d3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

Sections

.text Size: 410KB - Virtual size: 409KB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 51KB - Virtual size: 50KB

.tc Size: 246KB - Virtual size: 248KB

Size: 56KB - Virtual size: 60KB

.text
Size: 410KB - Virtual size: 409KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 51KB - Virtual size: 50KB

.tc
Size: 246KB - Virtual size: 248KB