Static task: static1
Behavioral task: behavioral1
Sample: 6b1906f62a2c0c0a4e3c68d4897014a3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 6b1906f62a2c0c0a4e3c68d4897014a3.exe
Resource: win10v2004-20231215-en
General
Target: 6b1906f62a2c0c0a4e3c68d4897014a3
Size: 533KB
MD5: 6b1906f62a2c0c0a4e3c68d4897014a3
SHA1: 546409f5deee88c5b0f96be63adfc1020e13b94e
SHA256: dbdcb86d2c996fa0fee3600d5177f59b0152480b8e7298ede4f38e944feb2dc4
SHA512: 769efa74e353326b6b7c9fa9885295d8699e9db1f0db76e41d4c397221fdeaa54c4e377b5d69e338b1a31d2289006e441b827e05a1a206b66290eca7c56d448b
SSDEEP: 12288:nbMMnMMMMMUw3s9bCDF6OxhtxvZCj+whwERe3HBgzdT078bRkVGzm9:nbMMnMMMMMzMehVCjLhwd3Hk078bRsb9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6b1906f62a2c0c0a4e3c68d4897014a3
Files
6b1906f62a2c0c0a4e3c68d4897014a3.exe windows:4 windows x86 arch:x86
b369050f749130fd9af04d680c95e9d1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateFontIndirectW
GetRegionData
GetClipBox
GetRgnBox
CreateDIBPatternBrushPt
SetDCPenColor
MoveToEx
CreateDCW
GetStockObject
ExtTextOutW
RestoreDC
DeleteDC
SetStretchBltMode
RectVisible
GetSystemPaletteEntries
IntersectClipRect
SetTextColor
TextOutA
LPtoDP
CreateFontIndirectA
CreateFontW
CloseEnhMetaFile
CreateRectRgnIndirect
CreateHalftonePalette
DeleteEnhMetaFile
CreateMetaFileW
PatBlt
StretchDIBits
SelectObject
OffsetWindowOrgEx
GetTextColor
SetWindowExtEx
Rectangle
SetWindowOrgEx
CreateSolidBrush
GetPixel
CloseMetaFile
GetTextExtentPoint32W
GetDIBits
RealizePalette
GetTextExtentPoint32A
CreatePolygonRgn
SelectPalette
CreatePen
GetTextExtentPointW
GetTextExtentExPointI
SetPaletteEntries
CombineRgn
SetBkColor
SetBkMode
GetPaletteEntries
SetLayout
GetLayout
TextOutW
CreateBitmap
CreateRectRgn
GetTextCharset
BitBlt
CreatePatternBrush
CreatePalette
LineTo
SetViewportExtEx
EqualRgn
PlayEnhMetaFile
CreateDCA
SetBrushOrgEx
GetBkColor
GetGlyphIndicesW
GetDeviceCaps
GetObjectW
CreateDIBSection
SaveDC
CreateCompatibleDC
GetTextMetricsW
GetDCOrgEx
DeleteObject
SetTextAlign
GetTextAlign
OffsetRgn
CreateEnhMetaFileA
SetMapMode
SetViewportOrgEx
GetBkMode
SetRectRgn
StretchBlt
GetObjectA
ExtCreateRegion
GetBrushOrgEx
CreateCompatibleBitmap
shell32
SHGetFolderLocation
ExtractIconW
SHGetDesktopFolder
Shell_NotifyIconA
SHBrowseForFolderW
ShellExecuteA
SHGetPathFromIDListW
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHPathPrepareForWriteW
SHGetFolderPathW
SHChangeNotify
SHFileOperationW
SHGetSpecialFolderPathW
ExtractIconExW
ShellAboutW
SHGetFileInfoW
ExtractAssociatedIconExW
SHAppBarMessage
SHBindToParent
SHSetLocalizedName
SHGetDataFromIDListW
SHCreateShellItem
ShellExecuteW
ShellExecuteExW
SHGetInstanceExplorer
SHGetFolderPathAndSubDirW
DragQueryFileW
Shell_NotifyIconW
ddraw
DirectDrawCreate
kernel32
VirtualAlloc
ntdll
NtSetSystemEnvironmentValueEx
RtlAdjustPrivilege
RtlAddAccessAllowedObjectAce
NtQuerySemaphore
uxtheme
GetThemeColor
IsAppThemed
GetThemeFont
DrawThemeBackground
GetThemeMetric
GetThemeAppProperties
DrawThemeParentBackground
GetThemeBackgroundContentRect
GetThemePartSize
IsThemeActive
GetThemeBackgroundExtent
GetThemeMargins
CloseThemeData
SetWindowTheme
OpenThemeData
advapi32
RegEnumValueA
GetTokenInformation
CreateProcessAsUserW
ConvertSidToStringSidW
TraceEvent
RegQueryValueExW
GetTraceEnableFlags
ConvertStringSidToSidW
RegOpenKeyW
CryptCreateHash
RegisterTraceGuidsW
CryptReleaseContext
RegEnumKeyExW
RegCloseKey
DuplicateTokenEx
GetLengthSid
SetTokenInformation
CryptHashData
RegCreateKeyExW
ImpersonateSelf
OpenProcessToken
SetThreadToken
RegEnumValueW
RegOpenCurrentUser
ConvertStringSecurityDescriptorToSecurityDescriptorW
IsTextUnicode
RegQueryInfoKeyW
RegQueryValueW
RegDeleteValueW
RegDeleteValueA
GetTraceLoggerHandle
RegDeleteKeyA
RegCreateKeyA
TraceMessage
OpenThreadToken
RegOpenKeyExW
GetUserNameW
CryptDestroyHash
RegSetValueExW
RegQueryValueExA
CryptAcquireContextW
RegDeleteKeyW
CryptGetHashParam
RegOpenKeyExA
GetTraceEnableLevel
RegSetValueExA
RegEnumKeyW
RegCreateKeyExA
UnregisterTraceGuids
rtutils
TraceDumpExW
TraceDumpExA
user32
CreateIconIndirect
DispatchMessageA
UnregisterClassW
SetClipboardViewer
IsHungAppWindow
EndDialog
IsCharAlphaNumericW
UpdateWindow
CharUpperW
KillTimer
EndPaint
DrawFrameControl
PeekMessageW
GetIconInfo
CreatePopupMenu
RemovePropW
LoadStringA
GetWindowLongA
LoadAcceleratorsW
MonitorFromRect
GetAsyncKeyState
GetLastActivePopup
EqualRect
TrackPopupMenuEx
GetWindowLongW
FillRect
TrackPopupMenu
CharPrevA
MonitorFromPoint
GetWindowDC
DrawFocusRect
EnableWindow
MoveWindow
LockSetForegroundWindow
GetWindowPlacement
DestroyMenu
DdeClientTransaction
SetWindowPlacement
SetWindowLongA
EnumDisplaySettingsW
GetMenuDefaultItem
DdeConnect
RegisterClassExW
GetParent
DefWindowProcA
ChangeClipboardChain
SystemParametersInfoA
GetCapture
DialogBoxIndirectParamW
RemoveMenu
CallNextHookEx
FindWindowW
EmptyClipboard
GetClassLongW
DrawIconEx
GetClientRect
IntersectRect
EndDeferWindowPos
SetClipboardData
VkKeyScanExW
SetCursorPos
WindowFromPoint
AdjustWindowRectEx
SetMenuItemBitmaps
SetRect
CopyImage
DdeQueryStringW
MapDialogRect
ShowScrollBar
OffsetRect
SetCapture
MessageBoxIndirectW
GetWindowTextW
SetDlgItemTextW
IsIconic
DestroyWindow
GetScrollInfo
SetWindowsHookExW
SendMessageA
wsprintfW
GetClipboardData
GetWindowThreadProcessId
CheckDlgButton
DdeCreateDataHandle
IsMenu
ShowWindow
DialogBoxParamW
PostQuitMessage
GetMenuItemID
GetProcessWindowStation
GetDC
SetForegroundWindow
CharPrevW
SendDlgItemMessageW
SetPropW
GetPropW
LoadCursorA
RegisterClassW
MessageBoxW
GetMessageA
GetSubMenu
SetScrollPos
CopyRect
BeginPaint
GetWindowRect
GetDialogBaseUnits
SetWindowLongW
SetMenu
GetComboBoxInfo
CallWindowProcW
RegisterClipboardFormatW
CheckRadioButton
MessageBoxIndirectA
DestroyAcceleratorTable
DdeNameService
GetShellWindow
SetWindowPos
ShowOwnedPopups
EnumChildWindows
DefWindowProcW
DdeGetData
EnumThreadWindows
GetSysColorBrush
GetPropA
UpdateLayeredWindow
SetScrollInfo
IsWindowEnabled
GetSystemMetrics
MapWindowPoints
SetMenuDefaultItem
LoadCursorW
AdjustWindowRect
SetTimer
InvalidateRect
MsgWaitForMultipleObjects
IsWindowVisible
DialogBoxIndirectParamA
MessageBoxExA
GetClassInfoW
UnhookWindowsHookEx
GetMenuItemCount
CreateWindowExW
GetKeyState
CharNextW
CreateDialogParamW
CharNextA
SetWindowTextW
GetClassInfoExW
PtInRect
TrackMouseEvent
PostMessageA
GetMessageTime
SendMessageW
AnimateWindow
GetFocus
FindWindowA
GetKeyNameTextW
EnumWindows
GetWindowTextLengthW
RegisterWindowMessageW
SetFocus
CheckMenuRadioItem
GetMenuItemInfoW
DdeFreeDataHandle
LoadIconW
DrawTextExW
SystemParametersInfoW
ReleaseCapture
SendMessageTimeoutA
GetWindowRgnBox
SetParent
CopyIcon
DialogBoxParamA
CloseClipboard
LoadStringW
DdeFreeStringHandle
ShowCaret
GetSystemMenu
MsgWaitForMultipleObjectsEx
AttachThreadInput
NotifyWinEvent
CallMsgFilterW
RemovePropA
DispatchMessageW
MessageBoxExW
GetDlgItemTextW
SetMenuItemInfoW
DdeCreateStringHandleW
MonitorFromWindow
GetDlgCtrlID
CharLowerBuffW
GetTopWindow
GetMonitorInfoW
GetMenuItemInfoA
GetDoubleClickTime
FindWindowExW
GetMenuState
IsWindow
GetMessageW
SetDlgItemInt
GetActiveWindow
WaitForInputIdle
GetSysColor
GetClassWord
ClientToScreen
DdeInitializeW
PostMessageW
GetAncestor
TranslateAcceleratorW
GetWindow
GetCursorPos
ReleaseDC
DrawEdge
RegisterWindowMessageA
TranslateMessage
SendNotifyMessageW
HideCaret
GetDesktopWindow
PostThreadMessageW
ChildWindowFromPoint
DestroyIcon
GetCursor
SetRectEmpty
IsDlgButtonChecked
OpenClipboard
GetForegroundWindow
MapVirtualKeyW
SetActiveWindow
SetWindowRgn
EndMenu
InflateRect
DeleteMenu
DdeUninitialize
WinHelpW
BeginDeferWindowPos
AllowSetForegroundWindow
LoadBitmapW
DeferWindowPos
IsChild
LoadImageW
CharLowerW
DdeDisconnect
MessageBeep
GetClipboardFormatNameW
SetPropA
SetCursor
ScreenToClient
IsDialogMessageW
CreateMenu
GetMenuStringW
PostThreadMessageA
PeekMessageA
WaitMessage
UnionRect
InsertMenuW
CheckMenuItem
GetKeyboardLayout
EnableMenuItem
EnumDesktopWindows
GetClassNameW
GetLastInputInfo
GetNextDlgTabItem
RedrawWindow
AppendMenuW
LoadMenuW
InsertMenuItemW
GetMessagePos
IsRectEmpty
RegisterClipboardFormatA
IsWindowUnicode
GetDlgItem
SendMessageTimeoutW
DrawTextW
GetWindowInfo
psapi
GetProcessImageFileNameW
Sections
.text Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 489KB - Virtual size: 488KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ