06f154adb0a458bc8337813108b19b5dfc1d556fb0c4613fb7d775b2852ab29e

Sharing

Copy URL Twitter E-mail

General

Target

06f154adb0a458bc8337813108b19b5dfc1d556fb0c4613fb7d775b2852ab29e
Size

384KB
MD5

e85d3f91882a6eecc3e8bea0a794f1c8
SHA1

bfedaad39ceb48a53dfa3e22677bd4a948374b72
SHA256

06f154adb0a458bc8337813108b19b5dfc1d556fb0c4613fb7d775b2852ab29e
SHA512

08c8e3340a611b8790ce16be2eb682530ad89069ff1c6dc7bb2f427c916563220b2299745f2f31997a1089e8d4d542fba197c563030e5d29e0a8f96db40004ba
SSDEEP

6144:Nlm7mAvMyKYSopxyuMbkO/8sNYJ7MTmGQEc4pwNSwWCLYdoZ4Vm+VxDrWRB/dbzC:Nlm6HyK1o0kO/v7TxwNSwWCLYdoZ4Vmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f154adb0a458bc8337813108b19b5dfc1d556fb0c4613fb7d775b2852ab29e

Files

06f154adb0a458bc8337813108b19b5dfc1d556fb0c4613fb7d775b2852ab29e
.exe windows:4 windows x86

60bda8528b30e19ffd8b662916ee0d15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW

kernel32

InterlockedExchange
SetEnvironmentVariableA
GetCurrentThread
GetThreadPriority
GetTickCount
ReadProcessMemory
GetCommandLineA
GetVersionExA
GetStartupInfoA
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
Sleep
VirtualAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
TerminateProcess
GetCurrentProcess
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualProtect
GetSystemInfo
VirtualQuery
GetTimeZoneInformation
CloseHandle
CreateFileA
GetLocaleInfoW
CompareStringA
CompareStringW

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

~f5c:D
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt0
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

B;z^#
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60bda8528b30e19ffd8b662916ee0d15

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 116KB - Virtual size: 112KB

~f5c:D Size: 28KB - Virtual size: 25KB

.crt0 Size: 8KB - Virtual size: 11KB

.erloc Size: 64KB - Virtual size: 61KB

B;z^# Size: 40KB - Virtual size: 37KB

.rsrc Size: 124KB - Virtual size: 291KB

.text
Size: 116KB - Virtual size: 112KB

~f5c:D
Size: 28KB - Virtual size: 25KB

.crt0
Size: 8KB - Virtual size: 11KB

.erloc
Size: 64KB - Virtual size: 61KB

B;z^#
Size: 40KB - Virtual size: 37KB

.rsrc
Size: 124KB - Virtual size: 291KB