6220b37314c643c3e6906cb0bab87e2e

Sharing

Copy URL

Twitter E-mail

General

Target

6220b37314c643c3e6906cb0bab87e2e
Size

631KB
MD5

6220b37314c643c3e6906cb0bab87e2e
SHA1

916f314fbd2983cfce0942c50da31e1a46021618
SHA256

40e257f7eab5f7afe7050499e3fa6b088806157ea71eff9fec956d0e02da8722
SHA512

dc14f876abd57cf10cb9f5fb1e9426876bea0bd755056f55f09cee8921ce529e4a26ff87a1383b3aa54f83164416b8a8b24dd4668327ed6a94ddb1b7d9fb530e
SSDEEP

12288:FMNlWnzdRgeBXOPtCSsqocOe+dpvMhPbiLkXfnv:FMD2zngewCSshRe+3MF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6220b37314c643c3e6906cb0bab87e2e

Files

6220b37314c643c3e6906cb0bab87e2e
.dll windows:4 windows x86 arch:x86

f94ed9e05bf07a37e89f9c817825a573

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

PropVariantClear
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

user32

CharNextW

kernel32

ExitProcess
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
EnterCriticalSection
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
CreateFileA
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SizeofResource
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiW
lstrlenW
CloseHandle
GetTickCount
LeaveCriticalSection

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW

oleaut32

SysAllocString
SysFreeString
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
LoadTypeLi

Exports

Exports

ParseString
SetItemString
_Count
get_pCAL
read_end
vSetOptions

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f94ed9e05bf07a37e89f9c817825a573

Headers

File Characteristics

Imports

ole32

user32

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 369KB - Virtual size: 369KB

.data Size: 106KB - Virtual size: 107KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 369KB - Virtual size: 369KB

.data
Size: 106KB - Virtual size: 107KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 7KB - Virtual size: 7KB