6c3d6855a4266a7997f2bfe51fbfdd0a

Sharing

Copy URL

Twitter E-mail

General

Target

6c3d6855a4266a7997f2bfe51fbfdd0a
Size

300KB
MD5

6c3d6855a4266a7997f2bfe51fbfdd0a
SHA1

7b81ed80c4e0088c46db177a672715bc7dbaab7d
SHA256

e7b1721e540917262b40ec40f1358c8a27abec0ced8e6c4e3ecc63d1afb41909
SHA512

7a594b1b5182afe8e0aa4d8f2e201a6336d90c1f6dcb5500b41da41de89f575383bfed0d595743a4ea7154320414c220e32e117061f36668b7257b4949a15e7d
SSDEEP

6144:sZ0Vdx9QvQelTXogCPzTn5Q/A6ou3kytFq+8n/:H1QvHlCPzW/gLyzqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c3d6855a4266a7997f2bfe51fbfdd0a

Files

6c3d6855a4266a7997f2bfe51fbfdd0a
.dll windows:4 windows x86 arch:x86

bbf53704d043b3043bc7c32e71d7fda5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
CreateFileMappingW
MapViewOfFile
GetFileSize
UnmapViewOfFile
InterlockedIncrement
FreeLibrary
FormatMessageW
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
SizeofResource
GetACP
HeapAlloc
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
GetVersionExA
RtlUnwind
LockResource
LoadResource
GetLocalTime
InterlockedExchange
InterlockedCompareExchange
OutputDebugStringA
FlushFileBuffers
GetSystemInfo
Sleep
FindResourceW
lstrcpynW
GetWindowsDirectoryW
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrlenW
lstrlenA
LocalAlloc
LocalFree
lstrcmpW
lstrcmpA
GetProcAddress
LoadLibraryW
GetModuleFileNameW
MultiByteToWideChar
FreeResource
CloseHandle
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
WaitForSingleObject
ReleaseMutex
GetCommandLineA
GetOEMCP
VirtualProtect

user32

DestroyWindow
WinHelpW
SetWindowContextHelpId
GetWindowLongW
ScreenToClient
LoadStringW
DestroyIcon
BeginDeferWindowPos
GetDlgItem
MapWindowPoints
GetWindowRect
GetDlgCtrlID
SetFocus
GetPropW
CallWindowProcW
RemovePropW
CreateWindowExW
SetWindowLongW
GetParent
PostMessageW
SendMessageW
SetPropW
GetSystemMetrics
SetWindowPos
GetWindowTextLengthW
SetWindowTextW
ShowWindow
EnableWindow
CheckDlgButton
DeferWindowPos
GetClientRect
InvalidateRect
ReleaseDC
GetWindowDC
EndDialog
SetCursor
LoadCursorW
GetFocus
ChildWindowFromPointEx
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
DrawFocusRect
FillRect
GetSysColor
LoadIconW
LoadImageW
GetIconInfo
CreateIconIndirect
GetDC
SetParent
ClientToScreen
SendDlgItemMessageW
GetSysColorBrush
GetUpdateRect
EndDeferWindowPos
EnumChildWindows

advapi32

RegDeleteValueW
OpenSCManagerW
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
CloseServiceHandle
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
CryptHashSessionKey
RegSetValueExW
RegCreateKeyExW
RegCreateKeyW
RegCloseKey
RegQueryValueExW

gdi32

DeleteObject
SetBkMode
DeleteDC
CreateCompatibleDC
TextOutW
SelectObject
GetTextMetricsW
CreateSolidBrush
StretchDIBits
CreateCompatibleBitmap
BitBlt
SetStretchBltMode
GetObjectW
StretchBlt
CreateBitmap
IntersectClipRect
CreateFontIndirectW
GetTextExtentPointW
SetTextColor

rpcrt4

UuidToStringW
RpcStringFreeW

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbf53704d043b3043bc7c32e71d7fda5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

rpcrt4

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 6KB