c6f602bb449fe4c15a9e734ad30a6668a0f7dcae00fa0095c30cc0db71d100b6

Sharing

Copy URL Twitter E-mail

General

Target

c6f602bb449fe4c15a9e734ad30a6668a0f7dcae00fa0095c30cc0db71d100b6
Size

157KB
MD5

62e6d6e33238965590cb567d61ff63d6
SHA1

5c34093ef2503de6df0f35bd95c6c1a1f3b8a73d
SHA256

c6f602bb449fe4c15a9e734ad30a6668a0f7dcae00fa0095c30cc0db71d100b6
SHA512

f5ad50048e313427e915354858dd73e1c8a26a7940d256405b2314819bb98ccd50299943616e3eea9b1a9e45788a71a7d43233b8fb1e7a31bfd2f349a5fbfafe
SSDEEP

3072:8pfo4/FkRo0ooD2d7fSiI45ge6j455WZAg0Fuj0JEnPq3vYtL:8F9uhD2d7f3xwZAOYsKM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6f602bb449fe4c15a9e734ad30a6668a0f7dcae00fa0095c30cc0db71d100b6

Files

c6f602bb449fe4c15a9e734ad30a6668a0f7dcae00fa0095c30cc0db71d100b6
.dll windows:6 windows x86

6a99e9b10fd1bb0ec6324f314b6bcf7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
FindClose
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
HeapSize
InitializeCriticalSectionEx
TerminateProcess
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
HeapFree
GetProcAddress
SetStdHandle
ReadConsoleW
GetConsoleMode
ReadFile
GetACP
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetModuleFileNameA
WriteConsoleW
GetModuleHandleExW
ExitProcess
GetFileType
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a99e9b10fd1bb0ec6324f314b6bcf7d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB