06ff36e63b613be7ff90964d17d195ae

Sharing

Copy URL Twitter E-mail

General

Target

06ff36e63b613be7ff90964d17d195ae
Size

66KB
MD5

06ff36e63b613be7ff90964d17d195ae
SHA1

674876948c8b5c378b83fda2ea618b80305833b3
SHA256

e73938a7cfb9501815eb03a13799e9c5f4e6e37b7c32a5499ffb55bff84a7ac5
SHA512

bc8397ca86aa3cd812bb73850f182b125d0525180e66cf1938f3bb5dd0b6a83d0ce217bed864f68f40aacf8d96e83d8475c721643444a181a32cc504ce33f2e1
SSDEEP

1536:eaNWkdc8zk54v5TU1ZNgeZDoYFo//+AS01oks3I7dG2+gb3yF4b:e8Sea4h+JEosBs33Z4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ff36e63b613be7ff90964d17d195ae

Files

06ff36e63b613be7ff90964d17d195ae
.exe windows:4 windows x86 arch:x86

4418c7260bc04d615e27ad56fccff52e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

wininet

InternetCrackUrlW
InternetConnectW
InternetSetStatusCallbackW
InternetOpenW
HttpOpenRequestW
HttpSendRequestW
InternetReadFileExA
InternetSetOptionW
HttpQueryInfoW
InternetCloseHandle

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_mbsicmp
strncmp
_purecall
wcscpy
_beginthreadex
wcscmp
rand
wcschr
strlen
vsprintf
_mbscmp
wcsstr
atoi
wcsrchr
malloc
isspace
memcmp
isalpha
_wcsicmp
_wcslwr
strcpy
??3@YAXPAX@Z
wcslen
??2@YAPAXI@Z
memcpy
vswprintf
realloc
memmove
isalnum
memset
free

kernel32

GetVersionExA
CreateFileA
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
lstrlenA
GetModuleFileNameA
GetStartupInfoW
TerminateThread
SetFileTime
WaitForMultipleObjects
IsBadReadPtr
GetFileAttributesW
CompareFileTime
MoveFileW
SetEndOfFile
GetTickCount
CreateDirectoryW
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
lstrlenW
LoadLibraryExW
MultiByteToWideChar
lstrcpynW
lstrcmpiW
GetCurrentThreadId
HeapAlloc
FlushInstructionCache
GetCurrentProcess
FindNextFileW
FindFirstFileW
GetFullPathNameW
FindClose
SetLastError
ResetEvent
CreateProcessW
WaitForSingleObject
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
VirtualFree
VirtualAlloc
GetSystemInfo
HeapFree
GetProcessHeap
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocaleInfoA
GetVersionExW
GetACP
InterlockedExchange
GetThreadLocale
CreateFileW
GetFileSize
CloseHandle
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
LoadLibraryW
FreeLibrary
ReadFile
WideCharToMultiByte
SetEvent
DeleteFileW
lstrcpyW
lstrcatW
WriteFile
SetFilePointer
HeapReAlloc
CreateEventW

user32

UnregisterClassW
EndDialog
SendMessageW
SetWindowLongW
RegisterWindowMessageW
DefWindowProcW
GetActiveWindow
MessageBoxW
FindWindowExW
IsWindow
DestroyWindow
DialogBoxParamW
CharNextW
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetWindowLongW
IsWindowUnicode
PeekMessageW
MsgWaitForMultipleObjects
SetTimer
BringWindowToTop
SetDlgItemTextW
GetDlgItem
GetSystemMetrics
LoadImageW
SetWindowTextW
GetWindow
SystemParametersInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetFocus
GetMessageW
KillTimer
SetWindowPos
PostMessageW
ShowWindow
MessageBoxA

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarUI4FromStr

Exports

Exports

_set_security_error_handler

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4418c7260bc04d615e27ad56fccff52e

Headers

File Characteristics

Imports

comctl32

wininet

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB