6169600fd511ea7083f8c83de18324c9

Sharing

Copy URL Twitter E-mail

General

Target

6169600fd511ea7083f8c83de18324c9
Size

188KB
MD5

6169600fd511ea7083f8c83de18324c9
SHA1

aed6dea9d202729a5a05699f835e9fce8424755f
SHA256

7912476c83ac7930bdd35c4d6a9103c4870e05058e9ac16f8cb73ec77e7fd1cb
SHA512

a3b1ab846fe132dbb86a18a7645fbb2b9cab0474737436a6d43a1011fd1076f64ff20dd296230a892d1fb3aceea9d6e0a1b9670b4d9dc8c2ca0a7a34f152e1dc
SSDEEP

3072:/3iE7FJ5Z8NI6Ag1mpUhWwcFw1+H3sgFZ7a7Voa:viC5GNI6Ag1mp4xIXsFhoa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6169600fd511ea7083f8c83de18324c9

Files

6169600fd511ea7083f8c83de18324c9
.exe windows:4 windows x86 arch:x86

f2d4ab78fa0a94ba5a97d27e4b07c737

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyA
RegCreateKeyExA
RegLoadKeyA
RegOpenKeyW
RegFlushKey
RegQueryValueExA
RegQueryValueExW
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegDeleteValueW
RegGetKeySecurity
RegLoadKeyW
RegQueryValueW
RegReplaceKeyW
RegEnumKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegGetKeySecurity
RegEnumValueA
RegCreateKeyW
RegDeleteValueA
RegOpenKeyA
RegReplaceKeyA
RegReplaceKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyA
RegFlushKey
RegQueryValueW
RegOpenKeyExW
RegLoadKeyA
RegQueryValueA
RegQueryInfoKeyA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
RegLoadKeyW
RegQueryValueExW

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetDragImage
ImageList_Replace
ImageList_BeginDrag
ImageList_LoadImageA
ImageList_AddIcon
ImageList_GetImageCount
InitCommonControls
ImageList_Remove
ImageList_Read
ImageList_Create
ImageList_Copy
ImageList_DragMove
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetImageCount
ImageList_Create
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_Merge
ImageList_LoadImage
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_DragEnter
ImageList_Replace
ImageList_Destroy
ImageList_DrawIndirect
InitCommonControls
ImageList_AddIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_Replace
ImageList_AddIcon
ImageList_DragEnter
ImageList_Copy
ImageList_DrawIndirect
ImageList_DragLeave
ImageList_Read
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_Remove
ImageList_GetIcon
ImageList_GetImageRect
ImageList_Draw
ImageList_Merge
ImageList_DrawEx

user32

GetDC
DrawIconEx
InsertMenuA
DrawIcon
IsWindow
DrawTextW
IsMenu
AlignRects
LoadCursorA
EndDialog
LoadMenuA
CloseWindow
AppendMenuW
GetDlgItem
DrawTextA
AppendMenuA
CopyRect
CreateIcon
GetWindowTextA
GetCursor
CalcMenuBar
DialogBoxParamW

kernel32

DeleteAtom
GlobalFree
CreateThread
CopyFileW
GetConsoleMode
ReadFile
GetCPInfo
FindFirstFileA
GetFileTime
GetComputerNameA
CreateDirectoryA
GetFileSize
CopyFileExW
DeleteFileW
FindAtomA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 4KB - Virtual size: 999B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2d4ab78fa0a94ba5a97d27e4b07c737

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 6KB

.edata Size: 8KB - Virtual size: 4KB

.bbs Size: 4KB - Virtual size: 999B

.data Size: 124KB - Virtual size: 5.0MB

.reloc Size: 4KB - Virtual size: 16B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 6KB

.edata
Size: 8KB - Virtual size: 4KB

.bbs
Size: 4KB - Virtual size: 999B

.data
Size: 124KB - Virtual size: 5.0MB

.reloc
Size: 4KB - Virtual size: 16B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 19KB