6bef18c369d49356f9633b5de963ed97a8711197ae92a0bcc8317dd0e761e598

Sharing

Copy URL

Twitter E-mail

General

Target

6bef18c369d49356f9633b5de963ed97a8711197ae92a0bcc8317dd0e761e598
Size

7.6MB
MD5

3934af509ac16ea3ada952fb9582b402
SHA1

373b6c314697de3f518164c372059e29b8d5b7d1
SHA256

6bef18c369d49356f9633b5de963ed97a8711197ae92a0bcc8317dd0e761e598
SHA512

81fd965052639a2d8189ad8e4b17099a1158faa615ee6653fa6605f958a23d88204ad450af90d4c25796593aeba302ca176cf032a6dee73b6041513fcc05aad2
SSDEEP

196608:oQmJAizJhEs2VKLO1jE6+HQ61bbbbUKwSHIbbbbLt:oQmJtQKLO1jE6+HQ61bbbbXwSHIbbbbR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bef18c369d49356f9633b5de963ed97a8711197ae92a0bcc8317dd0e761e598

Files

6bef18c369d49356f9633b5de963ed97a8711197ae92a0bcc8317dd0e761e598
.exe windows:4 windows x64

7bad67def9688adc82bd90a3f2d3bb2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcurl-4

curl_easy_cleanup
curl_easy_init
curl_easy_perform
curl_easy_setopt

libfftw3-3

fftw_destroy_plan
fftw_execute
fftw_free
fftw_malloc
fftw_plan_dft_1d
fftw_plan_dft_2d
fftw_plan_dft_3d
fftw_plan_many_dft

libfftw3_threads-3

fftw_cleanup_threads
fftw_init_threads
fftw_plan_with_nthreads

libgcc_s_seh-1

_Unwind_Resume

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
SelectObject
SetDIBitsToDevice

libgomp-1

GOMP_atomic_end
GOMP_atomic_start
GOMP_barrier
GOMP_critical_end
GOMP_critical_name_end
GOMP_critical_name_start
GOMP_critical_start
GOMP_parallel
omp_get_max_threads
omp_get_num_threads
omp_get_thread_num
omp_set_num_threads

libjpeg-8

jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_destroy
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_finish_compress
jpeg_finish_decompress
jpeg_read_header
jpeg_read_scanlines
jpeg_set_defaults
jpeg_set_quality
jpeg_start_compress
jpeg_start_decompress
jpeg_std_error
jpeg_stdio_dest
jpeg_stdio_src
jpeg_write_scanlines

kernel32

CloseHandle
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
GetCurrentThreadId
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetLastError
GetLocalTime
GetShortPathNameA
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseMutex
SearchPathA
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateThread
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_errno
_filelengthi64
_fileno
_fmode
_getpid
_initterm
_lock
_onexit
_setjmp
_setmode
_strtoi64
_strtoui64
_unlock
_wfopen
abort
acos
asin
atan
calloc
cosh
exit
fclose
fflush
fgetc
fgetpos
fopen
fprintf
fputc
fread
free
fsetpos
fseek
ftell
fwrite
getc
getenv
isspace
isxdigit
localeconv
log10
longjmp
malloc
memchr
memcpy
memmove
memset
qsort
realloc
remove
rename
rewind
setlocale
signal
sinh
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
strtoul
system
tan
tanh
tolower
ungetc
vfprintf
wcslen

libpng16-16

png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_get_IHDR
png_get_valid
png_init_io
png_read_end
png_read_image
png_read_info
png_read_update_info
png_set_IHDR
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_gray_to_rgb
png_set_interlace_handling
png_set_longjmp_fn
png_set_palette_to_rgb
png_set_sig_bytes
png_set_tRNS_to_alpha
png_sig_cmp
png_write_end
png_write_image
png_write_info

libwinpthread-1

pthread_create
pthread_exit
pthread_join

shell32

SHGetSpecialFolderPathA

libstdc++-6

_ZNSt9exceptionD2Ev
_ZSt9terminatev
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdaPv
_ZdlPv
_Znay
_Znwy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__cxa_throw_bad_array_new_length
__gxx_personality_seh0

libtiff-6

TIFFClose
TIFFComputeStrip
TIFFDefaultStripSize
TIFFFileName
TIFFGetField
TIFFGetFieldDefaulted
TIFFIsTiled
TIFFOpen
TIFFReadDirectory
TIFFReadEncodedStrip
TIFFReadRGBAImage
TIFFReadTile
TIFFSetDirectory
TIFFSetErrorHandler
TIFFSetField
TIFFSetWarningHandler
TIFFStripSize
TIFFTileSize
TIFFWriteDirectory
TIFFWriteEncodedStrip
_TIFFfree
_TIFFmalloc

user32

AdjustWindowRect
ChangeDisplaySettingsA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumDisplaySettingsA
GetDC
GetDesktopWindow
GetMessageA
GetWindowLongPtrA
GetWindowRect
PeekMessageA
ReleaseDC
SetForegroundWindow
SetWindowLongPtrA
SetWindowPos
SetWindowTextA
ShowCursor
ShowWindow
TrackMouseEvent

zlib1

compress
compressBound
uncompress

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bad67def9688adc82bd90a3f2d3bb2a

Headers

DLL Characteristics

File Characteristics

Imports

libcurl-4

libfftw3-3

libfftw3_threads-3

libgcc_s_seh-1

gdi32

libgomp-1

libjpeg-8

kernel32

msvcrt

libpng16-16

libwinpthread-1

shell32

libstdc++-6

libtiff-6

user32

zlib1

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.data Size: 12KB - Virtual size: 11KB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.pdata Size: 34KB - Virtual size: 34KB

.xdata Size: 222KB - Virtual size: 222KB

.bss Size: - Virtual size: 3KB

.idata Size: 11KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6.0MB - Virtual size: 6.0MB

.data
Size: 12KB - Virtual size: 11KB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.pdata
Size: 34KB - Virtual size: 34KB

.xdata
Size: 222KB - Virtual size: 222KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 11KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB