6f09ab11ebc72d27ea4de801062295588b55f6dc12d3e62812deb8f145069fa6

Sharing

Copy URL Twitter E-mail

General

Target

6f09ab11ebc72d27ea4de801062295588b55f6dc12d3e62812deb8f145069fa6
Size

3.8MB
MD5

cc33a17a613a7f1f329e9a3de16c6b84
SHA1

bb4be075f22350c581daca55a1201b7dd4fbb948
SHA256

6f09ab11ebc72d27ea4de801062295588b55f6dc12d3e62812deb8f145069fa6
SHA512

4878c5725f2a9e75a933579c6662f3ea1225eb024810894a7c1bdfb447bf181f2501d0cde1b49814f7b1811d802b8478c5dc62d5cc9faf3d68f0f32c20e96a3d
SSDEEP

98304:To/6d1Lj51InapczsTCs7eJbRFTI8V7X3EztHOnKF5Gnfm29:nLIAisTYUU3EzOCUnfT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f09ab11ebc72d27ea4de801062295588b55f6dc12d3e62812deb8f145069fa6

Files

6f09ab11ebc72d27ea4de801062295588b55f6dc12d3e62812deb8f145069fa6
.exe windows:4 windows x86

14ba9c1a6f98ad0d211cee6d4c61a536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

rasapi32

RasHangUpA

kernel32

GetTimeZoneInformation

user32

IsWindowEnabled

gdi32

LineTo

msimg32

GradientFill

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

SysAllocStringLen

comctl32

ImageList_Add

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.7MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ba9c1a6f98ad0d211cee6d4c61a536

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 2.7MB - Virtual size: 4.8MB

.sedata Size: 768KB - Virtual size: 768KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 364KB - Virtual size: 364KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 2.7MB - Virtual size: 4.8MB

.sedata
Size: 768KB - Virtual size: 768KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 364KB - Virtual size: 364KB

.sedata
Size: 4KB - Virtual size: 4KB