06f3b9d18f74f0b0bddd6cda0e48e21b90c38e4395c8891f9a5cbcef7e3821d5

Sharing

Copy URL Twitter E-mail

General

Target

06f3b9d18f74f0b0bddd6cda0e48e21b90c38e4395c8891f9a5cbcef7e3821d5
Size

370KB
MD5

da002972c45a7dbb5925faa4c55fef48
SHA1

138b41732a8fa8619f64cd7c521b28210f896a51
SHA256

06f3b9d18f74f0b0bddd6cda0e48e21b90c38e4395c8891f9a5cbcef7e3821d5
SHA512

5dff4a7af546e3dd76eaf92a25c36df0b4ef1fbe0236ffa171a60809eaf46c767a4adb3f2bd181d68a14c3d477f9c26235680daba1aafd4d812a48dff589a83b
SSDEEP

6144:yorFFmP2CSA4FGi32etNbPJ8sfRIAZLokU1ATy:y6F1r3PtNzJ8ARIAZLJ3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f3b9d18f74f0b0bddd6cda0e48e21b90c38e4395c8891f9a5cbcef7e3821d5

Files

06f3b9d18f74f0b0bddd6cda0e48e21b90c38e4395c8891f9a5cbcef7e3821d5
.exe windows:5 windows x86

72782a2e52904c81d4a88318d6d2d85f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
GlobalAlloc
GetLocaleInfoW
FormatMessageW
GetFileAttributesA
SetConsoleCursorPosition
VerifyVersionInfoA
FileTimeToSystemTime
ReadFile
SetConsoleTitleA
GetStdHandle
FindFirstFileA
GetLastError
GlobalFree
FindClose
GetLocalTime
GetConsoleScreenBufferInfo
LocalAlloc
FillConsoleOutputAttribute
GetVersionExA
CloseHandle
LocalFree
GetSystemTime
DeleteFileA
VirtualFree
WriteFile
Sleep
VirtualAlloc
GetCurrencyFormatA
WaitForSingleObject
SetFileTime
GetDriveTypeA
GetVolumeInformationA
GetExitCodeProcess
CreateProcessA
TerminateProcess
GetEnvironmentVariableA
GetShortPathNameA
CreateDirectoryA
GetLogicalDriveStringsA
CopyFileA
SetFileAttributesA
OpenMutexA
GetModuleFileNameA
CreateMutexA
GetFileTime
GetTempPathA
UpdateResourceA
BeginUpdateResourceA
EndUpdateResourceA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
FormatMessageA
GetConsoleTitleA
GetTickCount
QueryPerformanceCounter
SetFirmwareEnvironmentVariableA
GlobalSize
GetCurrentProcess
GetLocaleInfoA
lstrlenA
SetPriorityClass
GlobalMemoryStatus
CreateFileA
GetSystemInfo
FillConsoleOutputCharacterA
GetConsoleCP
SetFilePointer
HeapSize
GetModuleHandleA
GetCurrentProcessId
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
CompareStringA
MultiByteToWideChar
GetCPInfo
CompareStringW
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate

user32

GetActiveWindow
wsprintfW
GetCapture
GetCursorPos
GetClipboardOwner
GetCaretPos

advapi32

RegCreateKeyExA
LookupPrivilegeValueA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegNotifyChangeKeyValue
RegOpenKeyExA

dnsapi

DnsQuery_A
DnsFree

wininet

InternetCloseHandle
InternetOpenA
HttpSendRequestA
FtpGetFileSize
HttpAddRequestHeadersA
InternetCreateUrlA
HttpOpenRequestA
InternetCrackUrlA
FtpOpenFileA
InternetConnectA
HttpQueryInfoA
InternetReadFile

ws2_32

closesocket
socket
sendto
htons
WSAStartup
gethostbyname

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72782a2e52904c81d4a88318d6d2d85f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

dnsapi

wininet

ws2_32

version

Sections

.text Size: 255KB - Virtual size: 255KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 255KB - Virtual size: 255KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 24KB - Virtual size: 24KB