6636bed56e3e597e845010efc3ae95a9

General

Target

6636bed56e3e597e845010efc3ae95a9
Size

24KB
MD5

6636bed56e3e597e845010efc3ae95a9
SHA1

f9df2499871b3262559d0465bf3b1449377e0cbe
SHA256

c6440faa5fdca4f05af478841a985a53a9bff430ed158def34677fc1fd582cce
SHA512

36f9385ace6e66dc3f88ed6b265645b6f5ef10d3fd016bcb1997fad911d8a49991216765c9501464b3f362dc660f8179e372af45b1a4034eff5f86c35f4014d1
SSDEEP

384:gDm/iyy8sjIzPaY91XWY9KP37OQysXCivrlgc:Um/S8nzPaY91R9I7dl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6636bed56e3e597e845010efc3ae95a9

Files

6636bed56e3e597e845010efc3ae95a9
.exe windows:4 windows x86 arch:x86

9e3005f104e2a182a8852b408f27c446

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleHandleA
GetSystemTime
GlobalAlloc
GetProcessHeap
HeapFree
HeapAlloc
lstrcpyA
GetLastError
Sleep

advapi32

RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strchr
_mbsstr
strncpy
strcmp
sprintf
_mbstok
_mbscmp
??2@YAPAXI@Z
strcat
memset
strcpy
??3@YAXPAX@Z

rasapi32

RasGetEntryPropertiesA
RasSetEntryPropertiesA
RasSetEntryDialParamsA
RasDialA
RasHangUpA
RasGetErrorStringA
RasGetConnectStatusA
RasEnumEntriesA
RasEnumDevicesA
RasEnumConnectionsA
RasDeleteEntryA
RasValidateEntryNameA

shell32

ShellExecuteA

user32

SetWindowPos
EndDialog
SetDlgItemTextA
SetTimer
GetSystemMetrics
GetWindowRect
PostMessageA
MessageBoxA
DialogBoxParamA
DefWindowProcA
DestroyWindow
KillTimer
PostQuitMessage
CreateWindowExA
RegisterClassExA
LoadStringA
GetMessageA
DispatchMessageA
TranslateMessage

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e3005f104e2a182a8852b408f27c446

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

rasapi32

shell32

user32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB