0613666d8389a944e8bf50f1bf71277a

Sharing

Copy URL Twitter E-mail

General

Target

0613666d8389a944e8bf50f1bf71277a
Size

29KB
MD5

0613666d8389a944e8bf50f1bf71277a
SHA1

7364b15abf7f7273ba5d32e5c2d2504b1366f580
SHA256

73f2c79cbb17563fadac49bf470d23f5670af6352fd385667301ec51e8a18530
SHA512

23ea2dcc86970743329d603d3507db13e6f16f262524df04fad9906ec6779b5c79e0dc37a6ab2f0db1a1e2587d08b2c777ccaa6cca63ad8e87011c95180cb426
SSDEEP

768:maMwcoYigeT58hl3o26hWPrl0wccOSP2B8H:xMwcmgeah5nnB0FcOS+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0613666d8389a944e8bf50f1bf71277a

Files

0613666d8389a944e8bf50f1bf71277a
.exe windows:4 windows x86 arch:x86

017a16bd63a9e3e02bc7a9ec18dea770

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

olecli32

OleSetLinkUpdateOptions
OleSavedClientDoc
OleQueryType
BmCopy
OleLockServer
LeReconnect
LeSetTargetDevice
OleClone
LeCopy
OleEnumFormats
LeUpdate
OleQueryName
OleUpdate
OleUnlockServer
LeQueryOutOfDate

oleacc

GetOleaccVersionInfo
IID_IAccessibleHandler
DllGetClassObject
CreateStdAccessibleProxyA
IID_IAccessible
AccessibleObjectFromEvent
CreateStdAccessibleObject
GetStateTextA
GetStateTextW
LresultFromObject
CreateStdAccessibleProxyW
AccessibleChildren
LIBID_Accessibility
DllCanUnloadNow
DllUnregisterServer
AccessibleObjectFromPoint
WindowFromAccessibleObject
AccessibleObjectFromWindow
ObjectFromLresult
GetRoleTextW
GetRoleTextA

kernel32

ExpandEnvironmentStringsA
DeviceIoControl
FileTimeToLocalFileTime
CopyFileW
CreateMutexA
CreateMutexW
VirtualAlloc
OpenProcess
VirtualFree
LoadLibraryExA
GetExitCodeProcess
FindNextFileA
WriteConsoleW
GetTempPathA
ReleaseSemaphore
GetComputerNameW
SetThreadPriority
RemoveDirectoryW
GetFullPathNameW

gdi32

SaveDC
GetObjectA
UnrealizeObject
GetTextMetricsA
RealizePalette
ExtTextOutA
CreatePalette
GetSystemPaletteEntries
MoveToEx
GetDeviceCaps
BitBlt
DeleteObject
CreateSolidBrush
SetTextColor
CreateDIBitmap
CreatePen
CreateRectRgn
GetStockObject
CreateCompatibleDC
CreateFontIndirectA
SetBkColor
RestoreDC
SelectPalette
SelectObject
DeleteDC
SelectClipRgn

advapi32

FreeSid
GetTokenInformation
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegDeleteValueA
RegCreateKeyExA
RegEnumValueW
RegEnumKeyExA
CloseServiceHandle
RegSetValueExA
RegDeleteKeyA
OpenProcessToken
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegOpenKeyExA
OpenThreadToken
RegCloseKey

Sections

.textbss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

017a16bd63a9e3e02bc7a9ec18dea770

Headers

File Characteristics

Imports

olecli32

oleacc

kernel32

gdi32

advapi32

Sections

.textbss Size: - Virtual size: 48KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 14KB

.idata Size: 9KB - Virtual size: 8KB

.debug Size: 1KB - Virtual size: 1KB

.text Size: 1024B - Virtual size: 636B

.textbss
Size: - Virtual size: 48KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 14KB

.idata
Size: 9KB - Virtual size: 8KB

.debug
Size: 1KB - Virtual size: 1KB

.text
Size: 1024B - Virtual size: 636B