6bf4879e15b5e25b35144fe4e136705afb501b21f78eb1cacf45618a1452d272[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6bf4879e15b5e25b35144fe4e136705afb501b21f78eb1cacf45618a1452d272.exe
Size

1.1MB
MD5

7bc322d95951dfe16e8cf47ee586e909
SHA1

8c869a4b57a47ce0e9c578a33413f125d58dbc47
SHA256

6bf4879e15b5e25b35144fe4e136705afb501b21f78eb1cacf45618a1452d272
SHA512

a067d58e0e6bd78b712df92dcafe0f7e06fb9ae7467846e37bd4365e496d581e68a619527188a6202bdf233c11a04d36c7e6b3779da9cbc5c3e50c523f6ab133
SSDEEP

24576:/tRMjYNhgRN9DlC2GGaH/ze/Kusd3QO+RSDy4s+:/bMjYbgRbDlwGaH/csd76SDy4s+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bf4879e15b5e25b35144fe4e136705afb501b21f78eb1cacf45618a1452d272.exe

Files

6bf4879e15b5e25b35144fe4e136705afb501b21f78eb1cacf45618a1452d272.exe
.exe windows x86

2a486f6a5873b95792195d458df2cfdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetPrivateProfileStringA
GetDiskFreeSpaceA
FindFirstFileA
FindClose
GetModuleFileNameA
GetDriveTypeA
WinExec
MoveFileExA
GetShortPathNameA
lstrcatA
LocalAlloc
GetTempPathA
LocalFree
GetCurrentProcess
SetFileTime
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
GetSystemDirectoryA
lstrlenA
GetFullPathNameA
GlobalFree
GlobalAlloc
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateDirectoryA
HeapCompact
HeapSize
TerminateProcess
ExitProcess
GetFileAttributesA
SetFileAttributesA
MoveFileA
DeleteFileA
HeapAlloc
HeapFree
GetLastError
SetCurrentDirectoryA
MultiByteToWideChar
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEnvironmentVariableA
WritePrivateProfileStringA
GlobalHandle
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetHandleCount
SetFilePointer
CreateFileA
ReadFile
WriteFile
GetCurrentDirectoryA
CloseHandle
GlobalLock
GlobalUnlock
RtlUnwind

user32

DestroyWindow
TranslateMessage
GetMessageA
IsWindowVisible
DispatchMessageA
EndPaint
CreateDialogIndirectParamA
MessageBoxA
wsprintfA
SetWindowTextA
SetWindowPos
ShowWindow
IsDialogMessageA
GetDlgItem
ScreenToClient
GetWindowRect
SendDlgItemMessageA
EnableWindow
SetFocus
SendMessageA
SetDlgItemTextA
GetDlgItemTextA
KillTimer
BeginPaint
SetTimer
RegisterWindowMessageA
OemToCharA
GetParent
GetDC
ReleaseDC
SetWindowLongA
GetClientRect
FillRect
GetWindow
GetSysColor
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
FindWindowA
GetLastActivePopup
BringWindowToTop
GetSystemMetrics
AdjustWindowRectEx
UpdateWindow
IsIconic
RedrawWindow
PostQuitMessage
DefWindowProcA
PostMessageA
IsDlgButtonChecked
ExitWindowsEx
CheckDlgButton

gdi32

AddFontResourceA
ExtTextOutA
GetStockObject
CreateSolidBrush
DeleteObject
CreateFontIndirectA
GetObjectA
SetBkColor
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
StretchDIBits
RealizePalette
SelectPalette
IntersectClipRect
TextOutA
SetTextColor
SetBkMode
CreateDIBPatternBrush
SelectObject
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetSaveFileNameA

advapi32

LookupPrivilegeValueA
RegQueryValueA
RegOpenKeyA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a486f6a5873b95792195d458df2cfdc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB