6f1259f935375e73b4964dc57894f4ad4f8e07b83dcb64dabe186dada0297f81

Sharing

Copy URL

Twitter E-mail

General

Target

6f1259f935375e73b4964dc57894f4ad4f8e07b83dcb64dabe186dada0297f81
Size

4.5MB
MD5

b6fd1ee4ebc4414d7452c20d65d1feb0
SHA1

22b432c08b827ff206b68d25bb0de44a294b6948
SHA256

6f1259f935375e73b4964dc57894f4ad4f8e07b83dcb64dabe186dada0297f81
SHA512

7562f07bfddd8b0990c7f34a0654250ff32a13f9755fe39feed288101cbc8970fe1ef414f0df91b3c48bb795e64fe39be261656fb1a5cfa7c6ce0058a745359f
SSDEEP

49152:wrK6yk1FN3Ys66ZHfmjgM20dSWmciiiiiiiiiUiiiiiiiiieGWKkxan6QPpmBIjl:q5mjVJLmrxkojPpkIjD0L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f1259f935375e73b4964dc57894f4ad4f8e07b83dcb64dabe186dada0297f81

Files

6f1259f935375e73b4964dc57894f4ad4f8e07b83dcb64dabe186dada0297f81
.exe windows x86

2c4847eb80c481fae8799273a55eb237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetModuleFileNameA
LoadLibraryA
GetStringTypeA
LCMapStringW
GetProcAddress
FreeLibrary
VirtualProtect
GetLastError
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
GetStringTypeW
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
RtlMoveMemory
CreateFileA
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
OpenMutexA
CreateMutexA
GlobalSize
lstrlenA
lstrcpyn
lstrcpynA
GetFileAttributesW
LocalAlloc
LocalFree
LocalSize
TerminateThread
GlobalFree
GetShortPathNameA
lstrlenW

user32

MessageBoxA
MoveWindow
CallWindowProcA
EnumDisplaySettingsA
UpdateLayeredWindow
SetWindowLongA
IsWindow
DrawFocusRect
ClientToScreen
CreateWindowExA
SendMessageA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyA
RegDeleteTreeA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipGetImageWidth
GdipDisposeImage
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipSaveImageToStream
GdipCreateBitmapFromStream
GdipCreateMatrix
GdipSetWorldTransform
GdipDrawImageRect
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipDrawRectangle
GdipDrawRectangleI
GdipDeletePen
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipBitmapApplyEffect
GdipCreateSolidFill
GdipDeleteBrush
GdipSetSolidFillColor
GdipGetSolidFillColor
GdipLoadImageFromStreamICM
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipGetImageDimension
GdipDeleteGraphics
GdipImageSelectActiveFrame

gdi32

SelectObject
SetDCBrushColor
SetDCPenColor
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
BitBlt
GdiFlush
Rectangle
StretchBlt
GdiTransparentBlt
GetDIBits
CreateCompatibleBitmap
SetTextColor

hid

HidD_GetHidGuid
HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_SetFeature
HidD_GetFeature

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
CLSIDFromString
CoInitialize
CoUninitialize
StringFromGUID2

msvcrt

strlen

shell32

SHAppBarMessage
SHChangeNotify

winspool.drv

EnumPrintersA
OpenPrinterA
DeletePrinter
ClosePrinter
GetDefaultPrinterA
AddPrinterA
GetPrinterA
SetPrinterA

shlwapi

StrCmpLogicalW

crypt32

CryptBinaryToStringA

msimg32

AlphaBlend

oleaut32

OleLoadPicture

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.yt
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c4847eb80c481fae8799273a55eb237

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdiplus

gdi32

hid

setupapi

ole32

msvcrt

shell32

winspool.drv

shlwapi

crypt32

msimg32

oleaut32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 84KB - Virtual size: 82KB

.yt Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 84KB - Virtual size: 82KB

.yt
Size: 1.2MB - Virtual size: 1.2MB