06a216b2dab96735c4a78fcc60e99f92

Sharing

Copy URL Twitter E-mail

General

Target

06a216b2dab96735c4a78fcc60e99f92
Size

274KB
MD5

06a216b2dab96735c4a78fcc60e99f92
SHA1

3834854151b9c3c5d8f22f0889a999abe605fa80
SHA256

58cb5029a636c22ec0999f47ad651d49bd56df13cdd13f9464838f4cc549d057
SHA512

cd9a96864c9d0bc5dbda6c26a41cd81d360dd7796d0c94fa2ced67048c045d57820683e7c7bd186fdeb36ecddf56fd65676bf6e06dcd5a2d6757d7fded7e17fe
SSDEEP

6144:SdiL5GaOAMst1VcsrI5IJd8quvJ1a9QteeIbJ0/QBpHQOk9QeN4x2XiQJ:SdisaOAMs3Vc6I5I0d7a9IIu44njN46J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06a216b2dab96735c4a78fcc60e99f92

Files

06a216b2dab96735c4a78fcc60e99f92
.exe windows:4 windows x86 arch:x86

0bd2af85344f9e96e0c9767f36fffbbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindResourceW
GetTickCount
TlsGetValue
MulDiv
HeapDestroy
IsProcessorFeaturePresent
TerminateThread
LocalFree
GetFileType
lstrcmpW
GetLocaleInfoA
CreateFileA
SizeofResource
MoveFileA
CompareStringA
GlobalFree
SetEvent
HeapFree
LCMapStringW
GetUserDefaultLCID
LoadLibraryA
IsDebuggerPresent
WideCharToMultiByte
CreateEventW
GetProcAddress
GetDriveTypeA
GetACP
WaitForSingleObject
GetFileTime
MultiByteToWideChar
IsDBCSLeadByte
IsBadCodePtr
GetLocalTime
GetStartupInfoA
UnhandledExceptionFilter
VirtualQuery
WriteFile
CloseHandle
EnterCriticalSection
TlsFree
CreateEventA
LocalFileTimeToFileTime
LockFile
SetFilePointer
SetHandleCount
SetUnhandledExceptionFilter
GetVersion
RaiseException
GetCommandLineA
GetStringTypeW
GetCPInfo
GetCurrentThreadId
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError
ExitProcess
CreateFileW
GetEnvironmentStrings
LeaveCriticalSection
GetCommandLineW
GetModuleHandleA
VirtualProtect
RtlUnwind
GetCurrentProcess
GetLastError
InitializeCriticalSection
GetSystemTimeAsFileTime
InterlockedDecrement
FreeEnvironmentStringsA
CreateMutexW
GetTempPathW
GetStringTypeA
FindNextFileW
GetSystemInfo

gdi32

StretchBlt
MoveToEx
CreateCompatibleBitmap
SetTextColor
SelectPalette
DeleteDC
RealizePalette
CreateBitmap
CreatePatternBrush
LineTo
LPtoDP

msvcrt

_errno
??0exception@@QAE@XZ
_purecall
_amsg_exit
_XcptFilter
memcpy
__set_app_type
malloc
iswdigit
_onexit
__CxxFrameHandler
_cexit
_vsnwprintf
_wcsnicmp
realloc

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bd2af85344f9e96e0c9767f36fffbbf

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 14KB

.data Size: 94KB - Virtual size: 303KB

.reloc Size: 512B - Virtual size: 72B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 14KB

.data
Size: 94KB - Virtual size: 303KB

.reloc
Size: 512B - Virtual size: 72B

.rsrc
Size: 3KB - Virtual size: 2KB