6a34537d83944664042d4d88a2f4b03d

Sharing

Copy URL Twitter E-mail

General

Target

6a34537d83944664042d4d88a2f4b03d
Size

52KB
MD5

6a34537d83944664042d4d88a2f4b03d
SHA1

349bbd686bdaba872c29b0145d23a6575b067050
SHA256

6c0a75b8cccb91d3d5ab1a507b186be64b0012c75e887ef73cdf569d860ec93f
SHA512

d1496a8331caeacc875bfc2d924bde02d156a233d8f92da9596467d9bde259aa448eb81cc0b0d81dba5d2e2004f4332c94c5bc049ebaa7cf90ccab92f3a3fc9d
SSDEEP

768:W7GUTRPqBRJYG4bpOsXYOxZEXrbg2NMrA8WhA14ZwkOiV/cWGXy0xjxlaq9DkB:0GZBvYG7sXbbEXrM2689LVIyUxnwB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a34537d83944664042d4d88a2f4b03d

Files

6a34537d83944664042d4d88a2f4b03d
.exe windows:4 windows x86 arch:x86

6cb158776b842d44750d7d0a82fd97c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBitmapAttributes
GetWindowOrgEx
FONTOBJ_cGetAllGlyphHandles
ExcludeClipRect
SetRelAbs
GetETM
GetGlyphIndicesW
GetColorSpace
EndPage
EngDeleteClip
PolyDraw
GdiEntry9
SetPixelFormat
StartDocW
SetBrushAttributes
ResetDCW
BRUSHOBJ_pvAllocRbrush
StrokeAndFillPath
CreateMetaFileA
UnloadNetworkFonts
GetHFONT
GdiEntry12
EngAcquireSemaphore
GetEnhMetaFileW
GetKerningPairsA

mapi32

cmc_look_up
FtAdcFt@20
UNKOBJ_COFree@8
MAPIAllocateBuffer@8
WrapCompressedRTFStream@12
CchOfEncoding@4
FEqualNames@8
MAPIOpenLocalFormContainer
MAPISaveMail
BMAPIFindNext
UNKOBJ_ScAllocate@12
ScBinFromHexBounded@12
MAPIAllocateMore
LAUNCHWIZARD
MAPIDeleteMail
UlFromSzHex@4
UNKOBJ_ScSzFromIdsAlloc@20
MNLS_MultiByteToWideChar@24
SzFindLastCh@8
RTFSync@12
MAPISendMail
FtMulDwDw@8
OpenStreamOnFile

odbctrac

TraceSQLGetConnectOption
TraceSQLDescribeParam
TraceSQLPutData
TraceSQLDescribeColW
TraceSQLSetConnectAttrW
TraceSQLCancel
TraceSQLGetDiagFieldW
TraceSQLFreeEnv
TraceSQLGetCursorName
TraceSQLGetEnvAttr
TraceSQLGetDiagField
TraceSQLGetDescRec
TraceSQLConnect
TraceSQLProcedureColumnsW
TraceSQLAllocHandleStdW
TraceSQLStatisticsW

uniplat

SetUnimodemTimer
CallBeginning
ResetCallCount
FreeOverStruct
CallEnding
CreateUnimodemTimer
UnimodemDeviceIoControlEx
UnimodemQueueUserAPC
MonitorHandle
UnimodemWriteFileEx
SyncDeviceIoControl
StopMonitorThread
CancelUnimodemTimer
UnimodemNotifyTSP
FreeUnimodemTimer
AllocateOverStructEx
StartMonitorThread
UnimodemWaitCommEventEx
UnimodemReadFileEx
WinntIsWorkstation
DestroyOverStructPool
UmPlatformInitialize
ReinitOverStruct

kernel32

CreateProcessInternalW
GetEnvironmentStringsA
GlobalFindAtomA
GetFileType
GetConsoleMode
SetDefaultCommConfigA
BackupSeek
Toolhelp32ReadProcessMemory
CreatePipe
GetNumberOfConsoleFonts
DeactivateActCtx
SetConsoleNlsMode
CreateWaitableTimerA
VirtualAlloc
OpenSemaphoreW
SetConsoleCursorInfo
GetProfileStringA
UnregisterConsoleIME
FindFirstFileW
WritePrivateProfileStructA
PeekConsoleInputA
DnsHostnameToComputerNameW
SetProcessShutdownParameters
RaiseException
GetCalendarInfoA
LoadLibraryA
ReadConsoleInputW

advapi32

LsaSetSecurityObject
OpenSCManagerA
SaferSetLevelInformation
RegSetValueW
EnumDependentServicesW
WmiExecuteMethodW
GetTrusteeNameW
StopTraceW
RemoveTraceCallback
ClearEventLogW
CryptContextAddRef
ConvertSDToStringSDRootDomainA
CredRenameA
SystemFunction015
LsaOpenTrustedDomain
RegCreateKeyExW
RegOverridePredefKey
GetPrivateObjectSecurity
SystemFunction022
QueryTraceW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 17KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb158776b842d44750d7d0a82fd97c5

Headers

File Characteristics

Imports

gdi32

mapi32

odbctrac

uniplat

kernel32

advapi32

Sections

.text Size: 16KB - Virtual size: 16KB

.xdata Size: 16KB - Virtual size: 15KB

.idata Size: 17KB - Virtual size: 122KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.xdata
Size: 16KB - Virtual size: 15KB

.idata
Size: 17KB - Virtual size: 122KB

.rsrc
Size: 1KB - Virtual size: 1KB