b6e40f235548be20d5cc90c8d50511ac8be3149e736e13f9b5731a347081db39

Sharing

Copy URL Twitter E-mail

General

Target

b6e40f235548be20d5cc90c8d50511ac8be3149e736e13f9b5731a347081db39
Size

4.7MB
MD5

30ab770ad327322342a2ecaf8bd21616
SHA1

a0cd48e967f76594c559fa431527f8c9d054bed8
SHA256

b6e40f235548be20d5cc90c8d50511ac8be3149e736e13f9b5731a347081db39
SHA512

a74a2d219f7fb9161c583c3086a1149f17f411681dae6dba2541350f8275f2fc7051167adee26da703023f7e09b477a87260ee50a6ae32ad4a124f92620f7185
SSDEEP

98304:5s5slonqLS0AuOhEpN7PE3Z59YIXyLoCAKWGc:5s4mhEpNTmvYIC0CTi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6e40f235548be20d5cc90c8d50511ac8be3149e736e13f9b5731a347081db39

Files

b6e40f235548be20d5cc90c8d50511ac8be3149e736e13f9b5731a347081db39
.exe windows x86

4ebdfa6a29f7d0700797439b652cef9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegConnectRegistryW

kernel32

EnumResourceTypesW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

LoadStringW

ole32

CoInitialize

oleaut32

VariantChangeType

Exports

Exports

@@File1@Finalize
@@File1@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ebdfa6a29f7d0700797439b652cef9b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: - Virtual size: 864KB

.data Size: - Virtual size: 88KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: - Virtual size: 4KB

.idata Size: - Virtual size: 8KB

.edata Size: - Virtual size: 4KB

.vmp0 Size: - Virtual size: 4.6MB

.vmp1 Size: 4.3MB - Virtual size: 4.3MB

.reloc Size: 512B - Virtual size: 172B

.rsrc Size: 422KB - Virtual size: 421KB

.text
Size: - Virtual size: 864KB

.data
Size: - Virtual size: 88KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 8KB

.edata
Size: - Virtual size: 4KB

.vmp0
Size: - Virtual size: 4.6MB

.vmp1
Size: 4.3MB - Virtual size: 4.3MB

.reloc
Size: 512B - Virtual size: 172B

.rsrc
Size: 422KB - Virtual size: 421KB