6fc0b67c34afe331fdced830442b019b903e044bc20d7205f9479acc76677597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fc0b67c34afe331fdced830442b019b903e044bc20d7205f9479acc76677597
Size

12.5MB
MD5

c83a20746d042497b43996801a8f9cfb
SHA1

bc6dc4ebe8cac790d075991152206bfc4c784fb2
SHA256

6fc0b67c34afe331fdced830442b019b903e044bc20d7205f9479acc76677597
SHA512

24a40c3d5f8a78d67f37d8f49e7cb6da332d5ca64f9507dab8eba47f866628e8a81245b75c80530cf0be6a3fb36ed8cfb5c7cb674d184eec1243231a8d31ea32
SSDEEP

196608:q0dumSf3Iaem9wnXygWGBhhgQouRJ/4lVEJv4iVuU5AyEUuqmU52SAtfAac1eAz:chbem9pgtZu6548usjueAtY7e6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc0b67c34afe331fdced830442b019b903e044bc20d7205f9479acc76677597

Files

6fc0b67c34afe331fdced830442b019b903e044bc20d7205f9479acc76677597
.exe windows:4 windows x86

29264dc7f280213ceff9dfa9ab6ee25a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

user32

GetSysColorBrush

gdi32

SaveDC

winmm

midiStreamRestart

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoTaskMemFree

oleaut32

VariantCopy

comctl32

ImageList_ReplaceIcon

oledlg

ord8

ws2_32

recv

Sections

.text
Size: 4.2MB - Virtual size: 25.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE