6ade862edad4bdb76a1ecb8b71bf1af4

Sharing

Copy URL Twitter E-mail

General

Target

6ade862edad4bdb76a1ecb8b71bf1af4
Size

193KB
MD5

6ade862edad4bdb76a1ecb8b71bf1af4
SHA1

d4e7b4fb54e6b42eb57be0380f182b26487a7f25
SHA256

e6777192493a278a9a4547c0a49f254899238afedecd7ce0abefedecff8e7b9f
SHA512

6b06364f4a96676ca4885fa4ab1c31d78d41f929540d08173398ccf384381c93896874b262f4d36ae9ac1337a2d2efe5632985407f03b83b5f4ee2947a012542
SSDEEP

6144:uapbpPJlGB61DpI5FKhdVz5F5D2mF5oJ:uEFJA01Dm5FKhdfVFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ade862edad4bdb76a1ecb8b71bf1af4

Files

6ade862edad4bdb76a1ecb8b71bf1af4
.exe windows:4 windows x86 arch:x86

e59ddb45668d76479f95adc64fb5f197

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

SetTapeParameters
GetLocalTime
ClearCommError
GetWindowsDirectoryA
GetVersion
FindClose
EnumResourceNamesA
InterlockedExchange
ExitProcess
Sleep
GetCurrentProcessId
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

ReleaseCapture
GetWindowInfo
GetWindowLongA
GetDlgItem
GetSysColor
SetWindowPos
SetCursor
SetWindowLongA
LoadCursorA
GetDC
IsWindow
MoveWindow
FillRect
ReleaseDC
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

gdi32

SetTextColor
SelectObject
EnumFontFamiliesExA
TextOutA
Rectangle
SetBkMode
DeleteObject
GetObjectA
GetTextExtentPoint32A
SaveDC
CreateRectRgn
CreateCompatibleDC
CreateFontIndirectA
BitBlt
RestoreDC
GetStockObject
DeleteMetaFile
GetDeviceCaps
CreateSolidBrush
DeleteDC
CreateCompatibleBitmap

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e59ddb45668d76479f95adc64fb5f197

Headers

File Characteristics

Imports

version

kernel32

shell32

advapi32

oleacc

user32

winmm

ole32

gdi32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 228KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 228KB