6d2427ccfb2102109a61331c4aa36551ed312e8808ca0c0ead44e5ad2295df4d

Sharing

Copy URL Twitter E-mail

General

Target

6d2427ccfb2102109a61331c4aa36551ed312e8808ca0c0ead44e5ad2295df4d
Size

398KB
MD5

52298b60341e84fbf104f7b76f1ba550
SHA1

963f0a5b06b6a2f32a709311781e5e7d19a904bc
SHA256

6d2427ccfb2102109a61331c4aa36551ed312e8808ca0c0ead44e5ad2295df4d
SHA512

74796a58d27da239c599d13f52a62030c800fd5f59810ff3aa68818418466e3aebffe7aff0705f692b10e0682b1cb682494eaa5316a9f09f265ee809fe79cb79
SSDEEP

6144:EM6d8ZlxdRh3HE5PWUMVez7newHiJhN0g:EoZlnRdkdM6E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d2427ccfb2102109a61331c4aa36551ed312e8808ca0c0ead44e5ad2295df4d

Files

6d2427ccfb2102109a61331c4aa36551ed312e8808ca0c0ead44e5ad2295df4d
.dll windows:6 windows x64 arch:x64

56931b2cd70f1e4602f1760f5ade0f23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
WriteFile
GetTimeFormatEx
GetModuleFileNameW
GetUserDefaultUILanguage
CompareStringOrdinal
GetThreadPreferredUILanguages
FindClose
GetDateFormatEx
MultiByteToWideChar
SetEvent
GetCurrentThread
QueryPerformanceFrequency
LoadLibraryW
CreateThread
AddVectoredExceptionHandler
GetProcAddress
GetFileSize
FreeLibrary
CreateFileMappingW
MapViewOfFile
SetThreadContext
QueryPerformanceCounter
GetTickCount
AllocConsole
LoadLibraryExW
WriteConsoleW
HeapSize
FlushFileBuffers
GetStringTypeW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapReAlloc
SetFilePointerEx
ReadConsoleW
K32EnumProcesses
SetStdHandle
RemoveVectoredExceptionHandler
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapAlloc
HeapFree
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
GetModuleHandleExW
ExitProcess
GetFileType
RtlPcToFileHeader
RaiseException
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
InterlockedFlushSList
RtlUnwindEx
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FindResourceW
LoadResource
FreeConsole
CloseHandle
DeleteFileW
LockResource
GetLastError
Sleep
CreateEventW
OpenProcess
FreeResource
DisableThreadLibraryCalls
GetExitCodeProcess
GetProcessTimes
MulDiv
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
LocalFree
GetTempPathA
GetSystemDirectoryW
GetWindowsDirectoryW
K32GetProcessImageFileNameW
GetCurrentThreadId
CreateFileW
LocalAlloc
WaitForSingleObject
TerminateProcess
GetCurrentProcess
GetFileSizeEx
SizeofResource
ReadFile
CreateDirectoryW
GetTempFileNameA
SetEndOfFile
RtlUnwind

user32

SetWindowsHookExW
TrackPopupMenuEx
KillTimer
GetAncestor
EnableWindow
GetDC
LoadCursorW
FindWindowW
DestroyWindow
SendMessageTimeoutW
SetProcessDpiAwarenessContext
MapVirtualKeyW
PostMessageW
AllowSetForegroundWindow
GetKeyState
LoadIconW
TranslateMessage
DestroyMenu
UnhookWindowsHookEx
SendDlgItemMessageW
FindWindowExA
GetSystemMenu
GetWindowLongW
wsprintfW
GetDlgCtrlID
SetTimer
DispatchMessageW
GetActiveWindow
RegisterClassExW
GetWindowLongPtrW
CreatePopupMenu
CallNextHookEx
CreateWindowExW
SetWindowLongPtrW
GetDpiForWindow
MessageBoxW
SetWindowPos
InsertMenuItemW
MonitorFromWindow
ScreenToClient
SetWindowTextW
NotifyWinEvent
TrackPopupMenu
LoadStringW
ShowWindow
GetAsyncKeyState
GetMonitorInfoW
ClientToScreen
SwitchToThisWindow
SetMenuItemInfoW
RegisterClassW
GetDoubleClickTime
GetSysColor
SendNotifyMessageW
ToUnicode
SetWindowLongW
RemoveMenu
GetClientRect
DrawTextW
SetRect
DrawIconEx
PostQuitMessage
SystemParametersInfoForDpi
EnableMenuItem
GetMenuItemInfoA
SystemParametersInfoW
PtInRect
InvalidateRect
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
GetWindowThreadProcessId
GetMessageW
GetMenuItemInfoW
DefWindowProcW
MonitorFromPoint
GetWindowRect

gdi32

SelectObject
SetTextColor
SetBkMode
SetBkColor
DeleteObject
CreateSolidBrush
CreateFontIndirectW
ExtTextOutW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegGetValueW
RegQueryValueExW
RegSetKeyValueW
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegDeleteTreeW
RegCreateKeyExW
RegDeleteKeyValueW
RegQueryInfoKeyW
RegDeleteKeyExW

shell32

SHParseDisplayName
ShellExecuteExW
ShellExecuteW
ShellExecuteA
SHFileOperationW
Shell_NotifyIconW
SHAppBarMessage
SHBindToParent
SHGetFolderPathW

ole32

CLSIDFromString
CoTaskMemFree
CoCreateInstance
CoInitializeEx

oleaut32

VariantInit
SysFreeString
VariantClear

api-ms-win-core-version-l1-1-0

VerQueryValueW

rstrtmgr

RmRegisterResources
RmRestart
RmGetList
RmStartSession
RmEndSession
RmShutdown

shlwapi

PathStripPathW
PathRemoveFileSpecW

api-ms-win-shcore-scaling-l1-1-1

GetDpiForMonitor

uxtheme

DrawThemeTextEx
OpenThemeData
EndBufferedPaint
IsThemeActive
BeginBufferedPaint

dwmapi

DwmDefWindowProc
DwmExtendFrameIntoClientArea
DwmSetWindowAttribute
DwmGetWindowAttribute
DwmIsCompositionEnabled

Exports

Exports

ZZGUI
ZZLaunchExplorer
ZZLaunchExplorerDelayed
ZZRestartExplorer
ZZTestBalloon

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56931b2cd70f1e4602f1760f5ade0f23

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

api-ms-win-core-version-l1-1-0

rstrtmgr

shlwapi

api-ms-win-shcore-scaling-l1-1-1

uxtheme

dwmapi

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 7KB - Virtual size: 6KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 155KB - Virtual size: 154KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 7KB - Virtual size: 6KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 155KB - Virtual size: 154KB

.reloc
Size: 2KB - Virtual size: 1KB