Static task: static1
Behavioral task: behavioral1
  Sample: c6b2e7a5a6da71exeexeexeex.exe
  Resource: win7-20230703-en
Behavioral task: behavioral2
  Sample: c6b2e7a5a6da71exeexeexeex.exe
  Resource: win10v2004-20230703-en
General
Target: c6b2e7a5a6da71exeexeexeex.exe
Size: 1.3MB
MD5: c6b2e7a5a6da71516faf16eed4621e26
SHA1: 4012c5f552123734c2b084b838ae28711fabafad
SHA256: 336f30c56f3e456b4722ec7cccfc845fd3461db2470264622e3b40182868bf6e
SHA512: 8ba40f1123c29efe496be6386be49250b7e87370592bd7bd46e4cb3de59e3c74f1db171816ce45c5116d4d968f158ff7a4fe2fd22992d6dbbfea6cfcf47a4b83
SSDEEP: 24576:Zdm9oatfT7Bgjo1nM52H0wEYnl5FSHK722fjHt2Mge1ATbrLL+O:S9oatfesJ7HRrBcMge1B
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource c6b2e7a5a6da71exeexeexeex.exe
Files
c6b2e7a5a6da71exeexeexeex.exe.exe windows x86
1f267a52a58275bf616dcfa63340bc24
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CertCreateCertificateContext
CertFreeCertificateContext
CertGetNameStringW
CryptStringToBinaryW
CertNameToStrW
cryptui
CryptUIDlgViewContext
gdiplus
GdiplusStartup
GdipCloneImage
GdipLoadImageFromStream
GdipDeleteGraphics
GdiplusShutdown
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipFree
GdipDrawImageRectI
wininet
InternetOpenW
InternetOpenUrlW
InternetGetConnectedState
InternetCloseHandle
HttpQueryInfoW
InternetCanonicalizeUrlW
InternetReadFile
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
psapi
GetModuleBaseNameW
EnumProcessModules
EnumProcesses
kernel32
FileTimeToSystemTime
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
lstrlenW
LocalAlloc
LocalFree
GetSystemTime
SystemTimeToFileTime
GetModuleFileNameW
WideCharToMultiByte
GetLastError
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GetLocalTime
CloseHandle
InterlockedExchange
WaitForSingleObject
GetModuleHandleW
GetProcAddress
CreateFileW
CreateTimerQueueTimer
DeleteTimerQueueTimer
InterlockedExchangeAdd
FreeResource
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetSystemDirectoryW
GetFileAttributesW
GetCurrentProcess
DeleteFileW
Sleep
GetProcessHeap
GetTimeZoneInformation
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
LCMapStringA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
HeapAlloc
LCMapStringW
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
VirtualQuery
GetSystemInfo
VirtualAlloc
GetModuleFileNameA
ExitThread
CreateThread
ExitProcess
RaiseException
GetFileType
SetStdHandle
RtlUnwind
IsBadReadPtr
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetTickCount
VirtualProtect
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
InterlockedIncrement
lstrlenA
GetTempPathW
InterlockedDecrement
SetErrorMode
GetAtomNameW
GetFileTime
GetFileSizeEx
GetCurrentProcessId
CreateEventW
SetEvent
WritePrivateProfileStringW
CompareStringA
lstrcmpA
GetCurrentThread
GetLocaleInfoW
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleHandleA
CompareStringW
LoadLibraryA
GetVersionExW
lstrcmpW
GetCurrentThreadId
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
SuspendThread
ResumeThread
SetThreadPriority
MulDiv
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
GetThreadLocale
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
FreeLibrary
LoadLibraryW
MoveFileExW
WriteFile
user32
GetClipboardFormatNameW
SystemParametersInfoW
DestroyMenu
GetWindowThreadProcessId
GetCursorPos
GetMessageW
TranslateMessage
PostQuitMessage
CharNextW
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SendDlgItemMessageW
SendDlgItemMessageA
PeekMessageW
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
WinHelpW
TrackPopupMenu
GetDlgCtrlID
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
SetFocus
LoadMenuW
SetMenuItemBitmaps
ModifyMenuW
InsertMenuItemW
GetMenuItemInfoW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringW
UnpackDDElParam
DrawTextExW
TabbedTextOutW
DrawIcon
FillRect
LoadBitmapW
GetSysColorBrush
LoadIconW
PostThreadMessageW
MapDialogRect
SetWindowContextHelpId
GetForegroundWindow
SetForegroundWindow
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
GetFocus
SetCapture
GetCapture
RedrawWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
UpdateWindow
SetRectEmpty
ReleaseCapture
CopyAcceleratorTableW
PtInRect
LoadAcceleratorsW
TranslateAcceleratorW
ReuseDDElParam
ReleaseDC
GetWindowDC
UnregisterClassW
RegisterClipboardFormatW
InflateRect
SetRect
IsRectEmpty
DrawTextW
wsprintfW
GetActiveWindow
GetSysColor
MessageBeep
SetCursor
LoadCursorW
MessageBoxW
GetKeyState
DispatchMessageW
GetSystemMetrics
CharUpperW
GetMenuItemID
AppendMenuW
GetMenuState
GetSubMenu
GetMenuItemCount
IsMenu
IsWindowEnabled
GetDlgItem
GetWindowLongW
DestroyWindow
CreateDialogIndirectParamW
EnableWindow
IsWindow
SetActiveWindow
GetDesktopWindow
EndDialog
SendMessageW
PostMessageW
GetSystemMenu
IsIconic
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
GetClipboardFormatNameA
gdi32
CreateSolidBrush
GetObjectType
GetStockObject
GetObjectW
GetDeviceCaps
CreateCompatibleDC
SelectObject
GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
DPtoLP
PtVisible
RectVisible
BitBlt
GetPixel
TextOutW
ExtTextOutW
GetTextExtentPoint32W
Escape
CreateFontIndirectW
CreatePatternBrush
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
ExtSelectClipRgn
CreateBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetRgnBox
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
CryptAcquireContextW
CryptSetProvParam
CryptGetProvParam
CryptGetUserKey
CryptGetKeyParam
CryptReleaseContext
RegEnumKeyW
OpenThreadToken
RevertToSelf
SetThreadToken
RegQueryValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CryptDestroyKey
RegOpenKeyW
RegCloseKey
FreeSid
SetSecurityInfo
SetEntriesInAclW
AllocateAndInitializeSid
GetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
CryptSetKeyParam
shell32
ShellExecuteW
DragFinish
DragQueryFileW
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SysAllocString
VariantClear
VariantCopy
SysFreeString
SysStringLen
SystemTimeToVariantTime
SafeArrayDestroy
VariantTimeToSystemTime
lcs-cav1.0
M_FormatToken
C_DestroyObject
C_FindObjectsFinal
C_GetAttributeValue
C_FindObjects
C_FindObjectsInit
M_ReloadObjects
C_Finalize
C_Initialize
C_WaitForSlotEvent
C_CreateObject
M_GetUserInfo
C_InitPIN
C_SetPIN
M_SetTokenLabel
C_GetTokenInfo
C_OpenSession
C_GetSlotList
C_Login
C_Logout
C_CloseSession
Sections
.text Size: 738KB - Virtual size: 737KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 226KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 309KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ