6ccd11a1236b38e19e975b070f64ed0ebbb8325e9367e93e863e8600e4e473bb

Resubmissions

19-09-2023 03:58

230919-ejj83agg72 3

19-09-2023 03:46

230919-ebptksef4t 3

Sharing

Copy URL

Twitter E-mail

General

Target

6ccd11a1236b38e19e975b070f64ed0ebbb8325e9367e93e863e8600e4e473bb
Size

1.4MB
MD5

9b1d9a3ce645a872a66dd45fc1e8bc46
SHA1

a0268f9c1d3e66112e1ac9d857b7b12764a2901d
SHA256

6ccd11a1236b38e19e975b070f64ed0ebbb8325e9367e93e863e8600e4e473bb
SHA512

0d81a0d3de19bfae1a879f01383e7bfb89d97cbc1ae57e8cd0ad57fa0a614624ecaca07c549554ace8a5c8573ace1ddc9f3db7611825e2ceec3d5b1449d2cb40
SSDEEP

24576:tXsW9toZEb16SR26Rn4burFbgjtL5gLdLad2NQuckwN0V6rgcmfdP/rYYDsxUKko:tcWzoabBR2Gzr9gjtLuJxwG6UpJsx24/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ccd11a1236b38e19e975b070f64ed0ebbb8325e9367e93e863e8600e4e473bb

Files

6ccd11a1236b38e19e975b070f64ed0ebbb8325e9367e93e863e8600e4e473bb
.dll windows x86

451c55c4bcbc17a6269b9873ba39b9f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

select
WSAGetLastError

gdi32

DeleteColorSpace
CreateMetaFileW
UnrealizeObject

shell32

SHSetLocalizedName
SHGetFileInfoA

kernel32

GetModuleFileNameW
GetModuleFileNameA
LeaveCriticalSection
DeleteCriticalSection
GetExitCodeProcess
SetEvent
GetSystemTimeAsFileTime
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetBinaryTypeW

wintrust

CryptCATAdminReleaseCatalogContext

setupapi

SetupDiDestroyDeviceInfoList

shlwapi

StrCpyNW

user32

ShowWindow
DefWindowProcA
SetMessageExtraInfo
AdjustWindowRectEx

advapi32

SetServiceObjectSecurity
AddAccessDeniedObjectAce

oleaut32

SafeArrayCreate

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 708KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

36naf
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

451c55c4bcbc17a6269b9873ba39b9f6

Headers

File Characteristics

Imports

ws2_32

gdi32

shell32

kernel32

wintrust

setupapi

shlwapi

user32

advapi32

oleaut32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 36KB - Virtual size: 35KB

CRT Size: 708KB - Virtual size: 704KB

36naf Size: 624KB - Virtual size: 623KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 36KB - Virtual size: 35KB

CRT
Size: 708KB - Virtual size: 704KB

36naf
Size: 624KB - Virtual size: 623KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 11KB