6b2d271b3ef6a2c8f872daa35eeb7bffe526809f9daf9c881662685bbf5aadad

Sharing

Copy URL

Twitter E-mail

General

Target

6b2d271b3ef6a2c8f872daa35eeb7bffe526809f9daf9c881662685bbf5aadad
Size

2.4MB
MD5

64e876cb4995a05a4fcc9942da36f1c5
SHA1

4007e68ca9eb7da041c3110f837d547aedc4c7a9
SHA256

6b2d271b3ef6a2c8f872daa35eeb7bffe526809f9daf9c881662685bbf5aadad
SHA512

1abc2b4ee7f8378f79ad1ef0e56b8b6b291f0065713d780ba95a0e870f01795b7b6c3296f6f47709c7857e12cbb4436fc802a232ede69136d52d72cf361b4bf2
SSDEEP

24576:pzyW0zy4rzy2hzyxzyYzy7rwzymzy+cFGu7XyGW1G4dPApPWLg0RPtdyzAFQTEbm:+5lrNFGu7XyGx4ndy82ay7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b2d271b3ef6a2c8f872daa35eeb7bffe526809f9daf9c881662685bbf5aadad

Files

6b2d271b3ef6a2c8f872daa35eeb7bffe526809f9daf9c881662685bbf5aadad
.exe windows:4 windows x86

da0db432b25f23e0a46df92a1e857aee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

urlmon

URLOpenPullStreamA
URLOpenStreamW
URLOpenStreamA
UrlMkGetSessionOption
UrlMkSetSessionOption
URLOpenPullStreamW

mpr

WNetCloseEnum

comctl32

ord17
ImageList_Write
InitializeFlatSB

version

VerLanguageNameW
VerQueryValueA
VerQueryValueW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW
VerLanguageNameA

kernel32

TlsSetValue
UnhandledExceptionFilter
SetThreadPriority
SetLastError
TlsGetValue
SuspendThread
SleepEx
Sleep
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
SizeofResource
SetFilePointer
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
LeaveCriticalSection
ExitProcess
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetCPInfo
IsValidCodePage
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
CreateThread
DeleteCriticalSection
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemLocalesW
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommandLineW
GetComputerNameW
GetCPInfoExW
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLocalTime
GetLogicalDrives
GetLogicalDriveStringsW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempPathW
GetThreadLocale
GetThreadPriority
GetVersion
GetVersionExW
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
InterlockedCompareExchange
InterlockedExchangeAdd
IsValidLocale
QueryPerformanceFrequency
RaiseException
ReadFile
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent
WriteFile

user32

GetScrollRange
WindowFromPoint
GetDesktopWindow
ReleaseCapture
CallWindowProcW
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffW
CharUpperW
CheckMenuItem
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyIcon
CopyImage
CountClipboardFormats
CreateAcceleratorTableW
CreateIcon
WaitMessage
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DragDetect
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawTextA
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EnumChildWindows
EnumClipboardFormats
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetCursorPos
GetDCEx
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyNameTextW
GetKeyState
GetLastActivePopup
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageW
GetParent
GetPropW
GetScrollInfo
GetScrollPos
CreateMenu
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTabbedTextExtentW
GetUpdateRect
GetUpdateRgn
IsIconic
IsMenu
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadMenuW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjectsEx
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
SystemParametersInfoW
TabbedTextOutA
TabbedTextOutW
ToAsciiEx
ToUnicode
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect

winspool.drv

SetPrinterDataW
SetPrinterDataExA
SetPrinterDataExW
WaitForPrinterChange
SetFormA
SetFormW
XcvDataW
WritePrinter
SetPortW
StartPagePrinter
StartDocPrinterW
StartDocPrinterA
SetPrinterW
SetPrinterA
SetJobW
SetJobA
OpenPrinterW
EnumPrintersW
SetPortA

advapi32

RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW

Sections

.text
Size: 428KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flr527
Size: 999KB - Virtual size: 999KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da0db432b25f23e0a46df92a1e857aee

Headers

File Characteristics

Imports

msvcrt

urlmon

mpr

comctl32

version

kernel32

user32

winspool.drv

advapi32

Sections

.text Size: 428KB - Virtual size: 424KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 14.0MB

.tls Size: 4KB - Virtual size: 16B

.rsrc Size: 996KB - Virtual size: 996KB

.flr527 Size: 999KB - Virtual size: 999KB

.text
Size: 428KB - Virtual size: 424KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 14.0MB

.tls
Size: 4KB - Virtual size: 16B

.rsrc
Size: 996KB - Virtual size: 996KB

.flr527
Size: 999KB - Virtual size: 999KB