6b2a111ace1e8469a99e2696a6313352cadf138f5b431d68fdb36a7268df1052

Sharing

Copy URL Twitter E-mail

General

Target

6b2a111ace1e8469a99e2696a6313352cadf138f5b431d68fdb36a7268df1052
Size

4.1MB
MD5

184fc62aeb4c9d78891eb8d509c429e5
SHA1

4456d00e767b918a5118741985f2e1bc924b8e53
SHA256

6b2a111ace1e8469a99e2696a6313352cadf138f5b431d68fdb36a7268df1052
SHA512

100eb18ee1ef332862b668769fc64b37429df107873525b3ffcd5a8ccea8ad31fe57bba97cb103c2b444d62113a999a58f7743eb0b8266bb9ff8f116472d854b
SSDEEP

49152:uJ7aHS0U1goEcqlr0/v9H11FZF5ctG2A8Kzg1QgOpoVGQy8UvJJqffnI:FHrlyFFZFWtG2r6g1QgOo28CJqff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b2a111ace1e8469a99e2696a6313352cadf138f5b431d68fdb36a7268df1052

Files

6b2a111ace1e8469a99e2696a6313352cadf138f5b431d68fdb36a7268df1052
.dll windows:5 windows x86 arch:x86

f8c4d6688992a8fb4658f7669a383fe2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CheckDlgButton
SetParent
SetCaretPos
GetSysColor
GetActiveWindow
GetMenuCheckMarkDimensions
UpdateWindow
IsHungAppWindow

gdi32

CloseEnhMetaFile
PolyPolyline
ExtSelectClipRgn

msvcrt

memset

setupapi

SetupDiGetDriverInstallParamsW

kernel32

GetModuleHandleW
GetProcAddress
LoadLibraryA
AddRefActCtx
GetSystemDefaultUILanguage
GetOverlappedResult
GetBinaryTypeW
GetModuleFileNameW
InterlockedPushEntrySList
WaitForSingleObject

oleaut32

GetRecordInfoFromGuids

ole32

CoResumeClassObjects

advapi32

SetServiceObjectSecurity

Exports

Exports

BulxelnleertrqTlad

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 852KB - Virtual size: 850KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 388KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=N
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 960KB - Virtual size: 959KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8c4d6688992a8fb4658f7669a383fe2

Headers

File Characteristics

Imports

user32

gdi32

msvcrt

setupapi

kernel32

oleaut32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 852KB - Virtual size: 850KB

.crt Size: 388KB - Virtual size: 384KB

=N Size: 136KB - Virtual size: 134KB

.code Size: 960KB - Virtual size: 959KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 276KB - Virtual size: 274KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 852KB - Virtual size: 850KB

.crt
Size: 388KB - Virtual size: 384KB

=N
Size: 136KB - Virtual size: 134KB

.code
Size: 960KB - Virtual size: 959KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 276KB - Virtual size: 274KB