6bf4dd1b4d8c0f2a5c633e06c303598cd10cd0892648529d4eb446e2aea5f2dc

Sharing

Copy URL

Twitter E-mail

General

Target

6bf4dd1b4d8c0f2a5c633e06c303598cd10cd0892648529d4eb446e2aea5f2dc
Size

2.0MB
MD5

6d1dbb58a36b888bc80506f9c488b34c
SHA1

b93d4730e0b0653199d25c716ec0b8394ee2e80b
SHA256

6bf4dd1b4d8c0f2a5c633e06c303598cd10cd0892648529d4eb446e2aea5f2dc
SHA512

bd9c1b2e397e80bcbf7cdc6b1c2c435b1483511d6e6c54491a666ff76652758a53b95614830228f34b7c7070dc1a1c256afa14f6f78eaceba279c117db310e01
SSDEEP

49152:fpBRZtpAHm6ZJ7Ei9MDk0nk7M42mr5T06icGByUe5ViHPl9iWQl:fvRZkmwJ7E40nk/3lizre5cHPfiWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bf4dd1b4d8c0f2a5c633e06c303598cd10cd0892648529d4eb446e2aea5f2dc

Files

6bf4dd1b4d8c0f2a5c633e06c303598cd10cd0892648529d4eb446e2aea5f2dc
.exe windows:4 windows x86

ad2f4018355f32a63151cbd162bcde01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA

comctl32

ImageList_Destroy

oleaut32

RegisterTypeLi

ole32

OleInitialize

shell32

ShellExecuteA

advapi32

OpenProcessToken

winspool.drv

ClosePrinter

gdi32

GetSystemPaletteEntries

user32

ScrollWindowEx

kernel32

GetVersion

ws2_32

accept

winmm

waveOutPrepareHeader

Sections

.text
Size: - Virtual size: 679KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 826KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad2f4018355f32a63151cbd162bcde01

Headers

File Characteristics

Imports

comdlg32

comctl32

oleaut32

ole32

shell32

advapi32

winspool.drv

gdi32

user32

kernel32

ws2_32

winmm

Sections

.text Size: - Virtual size: 679KB

.rdata Size: - Virtual size: 168KB

.data Size: - Virtual size: 229KB

.vdata Size: - Virtual size: 24KB

.text Size: - Virtual size: 772KB

.data Size: - Virtual size: 826KB

.text Size: 1.9MB - Virtual size: 1.9MB

.data Size: 4KB - Virtual size: 636B

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: - Virtual size: 679KB

.rdata
Size: - Virtual size: 168KB

.data
Size: - Virtual size: 229KB

.vdata
Size: - Virtual size: 24KB

.text
Size: - Virtual size: 772KB

.data
Size: - Virtual size: 826KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 4KB - Virtual size: 636B

.rsrc
Size: 24KB - Virtual size: 23KB