c6742ffc1778aa8b1c8709a3b9568c2dc9fbf9013bdabc9b67b74406ac230aa7

Sharing

Copy URL Twitter E-mail

General

Target

c6742ffc1778aa8b1c8709a3b9568c2dc9fbf9013bdabc9b67b74406ac230aa7
Size

2.0MB
MD5

d042a2a0a23673bdf1c617fc30d41365
SHA1

36c9564d0685949bda3656020e803bcd71fb8877
SHA256

c6742ffc1778aa8b1c8709a3b9568c2dc9fbf9013bdabc9b67b74406ac230aa7
SHA512

243e11eb1902bccefa891289e44db5504410981a3e42389f61b14d003d8a92b26358e98903ec0e65bd7ea76323495ed0110cbdf853cc5502ffb0b626828bbdb0
SSDEEP

24576:mV8PP6/sh3Zv+qzXAPgzIsNRymJKu5CHFVFK/9bNQ/4Jdc0SWoYc1VpxnQ9P:MYcEvLRIeAx49mQJtroZThQ9P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6742ffc1778aa8b1c8709a3b9568c2dc9fbf9013bdabc9b67b74406ac230aa7

Files

c6742ffc1778aa8b1c8709a3b9568c2dc9fbf9013bdabc9b67b74406ac230aa7
.exe windows:5 windows x86 arch:x86

7027e3e49d5f33be0c690f2365d13dfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
WideCharToMultiByte
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileW
SetEnvironmentVariableA
CompareStringW
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
HeapAlloc
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
LCMapStringW
LCMapStringA
SetHandleCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetACP
GetTimeZoneInformation
LoadLibraryW
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitProcess
VirtualQuery
GetSystemInfo
HeapValidate
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetTickCount
GetFileSizeEx
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
WritePrivateProfileStringA
GetModuleHandleW
GetThreadLocale
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
VirtualProtect
InterlockedDecrement
GetModuleFileNameW
GetAtomNameA
SetErrorMode
GlobalFlags
GetCurrentProcessId
SetEvent
CloseHandle
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
lstrlenA
CompareStringA
SetLastError
MultiByteToWideChar
lstrcmpW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetVersionExA
GlobalLock
GetLastError
GlobalUnlock
GlobalFree
FreeResource
Sleep
FreeLibrary
IsBadReadPtr
VirtualFree
VirtualAlloc
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
LoadResource
LockResource
SizeofResource
FindResourceA

user32

CharUpperA
LoadAcceleratorsA
DestroyMenu
UnpackDDElParam
GetClipboardFormatNameA
ReleaseCapture
SetRectEmpty
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
FillRect
GetSysColorBrush
GetWindowThreadProcessId
SetCursor
GetCursorPos
GetMessageA
TranslateMessage
PostQuitMessage
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
AppendMenuA
GetMenuItemID
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
LoadCursorA
PostThreadMessageA
SetWindowContextHelpId
GetForegroundWindow
SetForegroundWindow
TranslateAcceleratorA
GetLastActivePopup
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetSystemMenu
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
MessageBoxA
GetSystemMetrics
IsWindowEnabled
GetDlgItem
GetWindowLongA
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ReuseDDElParam
CharNextA
CopyAcceleratorTableA
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
IsRectEmpty
DestroyWindow
CreateDialogIndirectParamA
InflateRect
SetRect
PtInRect
EnableWindow
IsWindow
SetActiveWindow
GetActiveWindow
GetDesktopWindow
EndDialog
MapDialogRect
SendMessageA
PostMessageA
TabbedTextOutA
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
GetMenu
SetMenu
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassNameA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
GetKeyState
GetWindowTextA
GetWindowTextLengthA
TrackPopupMenu
WinHelpA
GetCapture
GetWindow
GetParent
IsChild
GetTopWindow

gdi32

GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
BitBlt
GetPixel
TextOutA
GetTextExtentPoint32A
Escape
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
ExtSelectClipRgn
SelectObject
CreateCompatibleDC
GetRgnBox
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
GetObjectType
GetStockObject
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetThreadToken
RevertToSelf
OpenThreadToken
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileA

shlwapi

PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA

oledlg

ord8

ole32

OleIsCurrentClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleFlushClipboard

oleaut32

SystemTimeToVariantTime
VariantClear
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantTimeToSystemTime
VariantInit

Sections

.text
Size: 769KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 293KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 787KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7027e3e49d5f33be0c690f2365d13dfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 769KB - Virtual size: 768KB

.rdata Size: 170KB - Virtual size: 169KB

.data Size: 293KB - Virtual size: 309KB

.rsrc Size: 787KB - Virtual size: 787KB

.text
Size: 769KB - Virtual size: 768KB

.rdata
Size: 170KB - Virtual size: 169KB

.data
Size: 293KB - Virtual size: 309KB

.rsrc
Size: 787KB - Virtual size: 787KB