Static task: static1
Behavioral task: behavioral1
  Sample: 06cd22a39c0462db5a3610f91fbbfc99.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 06cd22a39c0462db5a3610f91fbbfc99.exe
  Resource: win10v2004-20231215-en
General
  Target: 06cd22a39c0462db5a3610f91fbbfc99
  Size: 252KB
  MD5: 06cd22a39c0462db5a3610f91fbbfc99
  SHA1: 74f8f5ea361aa8a591c35069e3fdb0cdbd889e7c
  SHA256: e92987dd83c81693e678dac81e7dd550a68c3c642ab10a2998be5ae8a4f66f22
  SHA512: 6208a969503d2bf4c7952955c06fb8e097e5357154c4f0846bcf30d77fabbb8b5cef982ca8d8e78dfb8b33d9d3ee8075eb626e770de1eee2274ec103935199eb
  SSDEEP: 3072:X5J7H7OZb1OONaXqNGOLrDUADCwKfO3nw4r0ZI7mXECJ0+ieao1:H7bO3va8GOvTeK3zywQE5b
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for a missing Authenticode signature.
    resource: 06cd22a39c0462db5a3610f91fbbfc99
Files
  06cd22a39c0462db5a3610f91fbbfc99.exe  windows:4 windows x86 arch:x86
  75dd51563cc83ea0f51f181b27fd90a6
Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
Imports
bugreport
  ord1
mfc42
msvcrt
  _except_handler3
  __set_app_type
  __p__fmode
  __p__commode
  _adjust_fdiv
  __setusermatherr
  _initterm
  __getmainargs
  _acmdln
  exit
  _XcptFilter
  _exit
  ??1type_info@@UAE@XZ
  _onexit
  __dllonexit
  abs
  strncmp
  _itoa
  _setmbcp
  __CxxFrameHandler
  memchr
  sscanf
  realloc
  memcpy
  strlen
  _snprintf
  strcpy
  free
  memset
  _stricmp
  strcmp
  atoi
  isdigit
  strchr
  isspace
  _atoi64
  sprintf
  strstr
  strtok
  _strnicmp
  _strupr
  strrchr
  isalpha
  __p___argv
  _purecall
  strncpy
  strncat
  _controlfp
kernel32
  LeaveCriticalSection
  MulDiv
  HeapFree
  HeapAlloc
  DeleteCriticalSection
  HeapDestroy
  HeapCreate
  WritePrivateProfileStringA
  GetPrivateProfileStringA
  GetPrivateProfileIntA
  GetWindowsDirectoryA
  GetVersionExA
  GetModuleFileNameA
  lstrcmpiA
  CreateMutexA
  CloseHandle
  GetTempPathA
  GlobalAlloc
  GlobalLock
  InitializeCriticalSection
  EnterCriticalSection
  GetCurrentThreadId
  GetModuleHandleA
  GetLastError
  lstrcpynA
  SystemTimeToTzSpecificLocalTime
  GetSystemTime
  DeleteFileA
  GetStartupInfoA
  GlobalUnlock
user32
  GetSysColor
  MapWindowPoints
  CopyIcon
  PtInRect
  GetCursorPos
  GetWindowRect
  RegisterWindowMessageA
  SetPropA
  RemovePropA
  OffsetRect
  SetWindowPos
  GetDlgCtrlID
  SystemParametersInfoA
  InflateRect
  CopyRect
  ScreenToClient
  FillRect
  GetSysColorBrush
  IsRectEmpty
  EndDeferWindowPos
  BeginDeferWindowPos
  GetClassLongA
  RedrawWindow
  SetCapture
  ReleaseCapture
  ReleaseDC
  GetDCEx
  wsprintfA
  GetSystemMetrics
  SetParent
  AppendMenuA
  DeleteMenu
  GetSystemMenu
  GetDesktopWindow
  GetMenu
  GetMenuItemID
  SetCursor
  UnhookWindowsHookEx
  TrackPopupMenuEx
  keybd_event
  SetWindowsHookExA
  CallNextHookEx
  WindowFromPoint
  RemoveMenu
  InsertMenuA
  EqualRect
  IntersectRect
  CreatePopupMenu
  GetMenuStringA
  GetWindow
  IsWindow
  GetPropA
  IsIconic
  ShowWindow
  SetForegroundWindow
  UpdateWindow
  GetKeyState
  GetWindowDC
  DestroyIcon
  LoadMenuA
  OpenClipboard
  EmptyClipboard
  SetClipboardData
  CloseClipboard
  GetSubMenu
  ClientToScreen
  LoadCursorA
  EnableWindow
  GetClientRect
  SetWindowLongA
  CreateWindowExA
  RegisterClassExA
  GetParent
  SendMessageA
  InvalidateRect
  PostMessageA
  DestroyCursor
  EnumChildWindows
  KillTimer
  GetMenuItemCount
  SetTimer
  DestroyWindow
  GetWindowLongA
  DefWindowProcA
  SetMenu
gdi32
  CreateFontIndirectA
  CreatePen
  CreateSolidBrush
  PatBlt
  CreateCompatibleBitmap
  BitBlt
  Rectangle
  GetTextColor
  GetDeviceCaps
  CreateCompatibleDC
  CreateRectRgnIndirect
  GetObjectA
  GetTextExtentPoint32A
  GetStockObject
  SetPixel
comdlg32
  GetSaveFileNameA
  GetOpenFileNameA
advapi32
  RegQueryValueExA
  RegOpenKeyExA
  RegCloseKey
shell32
  SHGetSpecialFolderPathA
  SHGetFileInfoA
  SHGetSpecialFolderLocation
  ShellExecuteA
comctl32
  ImageList_ReplaceIcon
  ord17
  _TrackMouseEvent
  ImageList_LoadImageA
ole32
  CoInitializeEx
  CoUninitialize
ws2_32
  WSAGetLastError
  WSASetLastError
  htons
  gethostbyname
  inet_addr
  ntohs
  inet_ntoa
  WSAAsyncSelect
  socket
  htonl
  bind
  WSACancelAsyncRequest
  closesocket
  recv
  send
  WSAAsyncGetHostByName
  connect
  getpeername
  getsockname
  shutdown
  listen
  accept
  ioctlsocket
  setsockopt
  WSAStartup
  WSACleanup
  ntohl
  gethostname
version
  GetFileVersionInfoSizeA
  GetFileVersionInfoA
  VerQueryValueA
Sections
  .text   Size: 116KB - Virtual size: 113KB
    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .rdata  Size: 40KB - Virtual size: 36KB
    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .data   Size: 8KB - Virtual size: 5KB
    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 84KB - Virtual size: 81KB
    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ