6167e60bdb2b917ea2e345a680ada56a

Sharing

Copy URL Twitter E-mail

General

Target

6167e60bdb2b917ea2e345a680ada56a
Size

199KB
MD5

6167e60bdb2b917ea2e345a680ada56a
SHA1

0c17eaa55cd84c89f0b0d637d490519e78820c06
SHA256

e50f62bb90b4eeaecef0a3b754f1486c5547925fec6fd60bdf8cd0927a247a2e
SHA512

ef7cf0fddb28990d7964e0db3e4678c18386d01cb69bc79dd6487ac509b3d4fcbdb797d15a9e54679d65d6f0ccc029ba73ecc50805a4f829ad0bb08ea8ed1b09
SSDEEP

6144:m0Nx/veEYQO3JPZOiFdfxYo/dWoAuVjf:mQVveEYQOxEiX+oBAu1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6167e60bdb2b917ea2e345a680ada56a

Files

6167e60bdb2b917ea2e345a680ada56a
.exe windows:4 windows x86 arch:x86

3e913034aed927b641b48a14f73a0725

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
InterlockedExchange
GetLocalTime
GetWindowsDirectoryA
GetVersion
EnumResourceNamesA
FindClose
ExitProcess
Sleep
FindFirstFileA

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

GetWindowInfo
SetWindowPos
IsWindow
FillRect
SetWindowLongA
MoveWindow
ReleaseCapture
GetDC
GetDlgItem
SetCursor
ReleaseDC
LoadCursorA
GetSysColor
GetWindowLongA
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

gdi32

GetDeviceCaps
SetTextColor
SetBkMode
SaveDC
CreateSolidBrush
BitBlt
DeleteDC
EnumFontFamiliesExA
CreateCompatibleDC
GetStockObject
TextOutA
Rectangle
SelectObject
DeleteObject
DeleteMetaFile
RestoreDC
CreateFontIndirectA
GetObjectA
CreateRectRgn
GetTextExtentPoint32A
CreateCompatibleBitmap

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e913034aed927b641b48a14f73a0725

Headers

File Characteristics

Imports

shell32

ole32

kernel32

oleacc

advapi32

version

user32

winmm

gdi32

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 25KB

.lib Size: 512B - Virtual size: 100KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 25KB

.lib
Size: 512B - Virtual size: 100KB