6873ff7e193cc4a6f774ad20ab9d191e

Sharing

Copy URL Twitter E-mail

General

Target

6873ff7e193cc4a6f774ad20ab9d191e
Size

226KB
MD5

6873ff7e193cc4a6f774ad20ab9d191e
SHA1

3a1f231cd2c158859f307c9ef43107385c2b5ad9
SHA256

dc8dae392fa1e845d99a6bf14ed11bfaa7250d84dd178ec5f8e54f49b27a92a8
SHA512

33fc0af80c4a36c601ce20f9da0b2191ce30fd202e13942d002b5283890fc2271f93f749bd4701d93a07631ff7a473b279c0de95d4d945e398ff83d6cce1d07b
SSDEEP

6144:SvWsAhq1dSAE6ynuxhoqafNYQpgWUi3Ewyt6P4Q1D:SvWsGqvSAE6y2ENY+gWF3EwzdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6873ff7e193cc4a6f774ad20ab9d191e

Files

6873ff7e193cc4a6f774ad20ab9d191e
.exe windows:5 windows x86 arch:x86

fb908907d7a054fbd70c56cc147479ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateICW
Ellipse
GetStockObject
UnrealizeObject
GetTextColor
GetCurrentObject
CreateEllipticRgnIndirect
CreateCompatibleBitmap
GetSystemPaletteEntries
CreateDIBSection
CreatePalette
BeginPath

kernel32

GetSystemWindowsDirectoryW
GetLocaleInfoA
HeapAlloc
CreateMailslotW
HeapFree
FindResourceExW
GetModuleHandleW
SizeofResource
LoadLibraryExW
GetProcessHeap
MoveFileExW
lstrcmpA
FormatMessageW
CallNamedPipeW
FindFirstFileA
SetThreadLocale
SetupComm
GlobalFlags

shlwapi

StrCpyNW
StrChrNW

user32

PostMessageW
IsWindow
RemoveMenu
CheckDlgButton
IsZoomed
OpenInputDesktop
ShowCaret
GetScrollInfo
RegisterClassExA
SendInput
DrawFrameControl
GetClassLongA
ScreenToClient
LoadStringA
BeginDeferWindowPos
DrawIconEx
MapDialogRect
GetForegroundWindow
ShowWindowAsync
GetWindowLongA
FindWindowA
GetKeyboardLayoutList
LoadImageW
SendNotifyMessageW
SetClassLongW
IsCharAlphaNumericW
GetNextDlgGroupItem
DestroyIcon
DragObject

comctl32

DestroyPropertySheetPage
ImageList_Create
PropertySheetA
CreateStatusWindowW
PropertySheetW

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb908907d7a054fbd70c56cc147479ea

Headers

File Characteristics

Imports

gdi32

kernel32

shlwapi

user32

comctl32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 71KB - Virtual size: 71KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 200KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 71KB - Virtual size: 71KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 200KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB