6c847c59db16d021cd806a86c94936a086f3561f863bc6a4222aaa2292754c63

Sharing

Copy URL Twitter E-mail

General

Target

6c847c59db16d021cd806a86c94936a086f3561f863bc6a4222aaa2292754c63
Size

96KB
MD5

66a5b1580f48cdcf06bba3ef9f9bfc14
SHA1

8f52a0dc696adc54f4b9425a66f5fe00ae5b8b61
SHA256

6c847c59db16d021cd806a86c94936a086f3561f863bc6a4222aaa2292754c63
SHA512

95478d740b90388cb832ebcfb64bd2f6bea5d0b266c97665cc61be8b1e0a17d5daefacbfb3f709f177e8ccc1268e2202ab2392c9f7a63ed7921356a2338ba13f
SSDEEP

768:mDlMxm1WUERsjYcsVD73Glh+Ha11bnbnA+56t7ioLS8J+3ZU9QZU9:8201WC7OS+Ha117b50LSNz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c847c59db16d021cd806a86c94936a086f3561f863bc6a4222aaa2292754c63

Files

6c847c59db16d021cd806a86c94936a086f3561f863bc6a4222aaa2292754c63
.exe windows:4 windows x64

8397a2faa81ab4a2184f21635fd0311c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
Sleep
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8397a2faa81ab4a2184f21635fd0311c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 48KB - Virtual size: 47KB