6ff80a7cdd6e3a53f52db4658a6c82e784264752c0c66b14759320fdac509132

Sharing

Copy URL Twitter E-mail

General

Target

6ff80a7cdd6e3a53f52db4658a6c82e784264752c0c66b14759320fdac509132
Size

142KB
MD5

0f34a46f3841a665467724024e23ee32
SHA1

5f3e77b80c9783d729567213acefe993ef17fbb3
SHA256

6ff80a7cdd6e3a53f52db4658a6c82e784264752c0c66b14759320fdac509132
SHA512

6414871ad385c74f1c62167f79253fa5bd8903716c332369ea18e91c95a53960dc6c9c7c6702eb636439088084e883d8814d611e8df94c84f19e390b0771e8aa
SSDEEP

1536:Gc11dE6GKNrMKOm7bCx4H7rbk1kTM38EpNBrrGgtCPKsOZB7OdAKw8q1Ra6q:GGdrPytmPCiH7rbk1kqEgI+6w8WFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ff80a7cdd6e3a53f52db4658a6c82e784264752c0c66b14759320fdac509132

Files

6ff80a7cdd6e3a53f52db4658a6c82e784264752c0c66b14759320fdac509132
.exe windows x86

358b0f6be844a2fe1523e66793b6f065

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControlsEx
SetWindowSubclass

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectW
GetStockObject
SelectObject
SetBkColor
SetBkMode
SetTextColor
TextOutW

gdiplus

GdipBitmapGetPixel
GdipBitmapSetPixel
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreatePen1
GdipDeleteBrush
GdipDeleteCustomLineCap
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeletePen
GdipDisposeImage
GdipDrawArc
GdipDrawImageRect
GdipDrawLine
GdipFillPie
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageHeight
GdipGetImageWidth
GdipGetMatrixElements
GdipGetPathGradientPointCount
GdipGetPenFillType
GdipSaveImageToFile
GdipSetImageAttributesRemapTable
GdipSetSmoothingMode
GdiplusShutdown
GdiplusStartup

kernel32

CloseHandle
CompareStringW
CreateFileW
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileW
FindResourceW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetLargestConsoleWindowSize
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LockResource
MoveFileW
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
SetConsoleMode
SetConsoleWindowInfo
SetFilePointer
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
WritePrivateProfileStringW

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_controlfp
_errno
_fmode
_fpreset
_initterm
_iob
_itoa
_itow
_lock
_onexit
_snprintf
_ultoa
_ultow
_unlock
abort
atexit
calloc
exit
fprintf
fputs
free
fwrite
islower
iswctype
localeconv
malloc
mbstowcs
memset
memcpy
qsort
realloc
setlocale
signal
strchr
strlen
strncmp
strtoul
toupper
towupper
vfprintf
wcscmp
wcscspn
wcslen
wcsncmp
wcsstr
wcstod
wcstombs

ole32

CreateStreamOnHGlobal

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen

shell32

SHGetPathFromIDListW

shlwapi

PathRemoveBackslashW

user32

AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
CallWindowProcW
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageW
DrawTextW
EnableWindow
EndDeferWindowPos
EndPaint
EnumThreadWindows
FillRect
FindWindowW
FlashWindowEx
GetClassLongW
GetClassNameA
GetClassNameW
GetClientRect
GetDC
GetDlgCtrlID
GetDlgItem
GetMenu
GetMessageW
GetParent
GetPropW
GetScrollInfo
GetSysColor
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
InvalidateRect
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
LoadCursorW
LoadImageA
LoadImageW
MapWindowPoints
MessageBoxW
OpenIcon
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageA
SendMessageW
SetClassLongW
SetCursor
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetParent
SetPropW
SetRect
SetScrollInfo
SetWindowLongW
SetWindowPlacement
SetWindowPos
ShowWindow
SystemParametersInfoW
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnregisterClassW
UpdateWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 282KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

358b0f6be844a2fe1523e66793b6f065

Headers

File Characteristics

Imports

comctl32

gdi32

gdiplus

kernel32

msvcrt

ole32

oleaut32

shell32

shlwapi

user32

version

Sections

.text Size: 110KB - Virtual size: 109KB

.data Size: 5KB - Virtual size: 4KB

.rdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 282KB

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 5KB - Virtual size: 4KB

.rdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 282KB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 7KB - Virtual size: 7KB