6b3d9e68e9364dc0227eced1ca5a8085

Sharing

Copy URL Twitter E-mail

General

Target

6b3d9e68e9364dc0227eced1ca5a8085
Size

848KB
MD5

6b3d9e68e9364dc0227eced1ca5a8085
SHA1

97dff9fc1471d1f0fbb9be4100674abfb5158ac4
SHA256

3e29db46d9fc67a1dce9652c1d12c64ff4f90be6b8b1c2b7f1c7471143aa6627
SHA512

00196d41a900b8109dbe2dd95b38029d67900db6db119d159dd2aae28255229c56fc8dd359b4434b7c2585c207b5cd9015cf432c7b51b4e8c6c43d6292a99150
SSDEEP

24576:liRLWoCRXbZfboI+SCtOCB5sWddNguHYR8RP:liRaP1FbN+So5soMqRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b3d9e68e9364dc0227eced1ca5a8085

Files

6b3d9e68e9364dc0227eced1ca5a8085
.exe windows:4 windows x86 arch:x86

190547c57176f2f3e581ba8af6ebb74b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
VariantInit
SysFreeString
SysAllocStringLen
VariantClear

user32

SetForegroundWindow
PostQuitMessage
ReleaseDC
SetWindowPos
IsWindow
GetDC
SendMessageA
ScreenToClient
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
IsWindowEnabled
LoadStringA
EnableMenuItem
RegisterClassA
GetWindowLongA
SetTimer
DispatchMessageA
EndPaint
SetFocus
PeekMessageA
BeginPaint
DefWindowProcA
MapWindowPoints
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
GetDesktopWindow
GetFocus
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
wsprintfA
InvalidateRect
GetClientRect
CallWindowProcA
SetCursor

kernel32

VirtualProtect
GetModuleFileNameW
lstrlenW
GetEnvironmentVariableA
GetFileType
IsDebuggerPresent
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExitProcess
LoadLibraryExW
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
LoadLibraryW
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
GetUserDefaultLCID
GetCommandLineW
GetUserDefaultLangID
GetVersion
GetCurrentThreadId
GetLastError
GetSystemDefaultLCID
GetCurrentThread
GetCurrentProcess
GetCommandLineA
GetTickCount
GetCurrentProcessId
GetSystemDefaultLangID
GetModuleHandleW
VirtualAlloc
GetOEMCP
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
InterlockedExchange
GetDiskFreeSpaceA
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
GetCPInfo
LockResource
SizeofResource
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
InterlockedIncrement
CreateFileA
TlsSetValue
HeapAlloc
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetErrorMode
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
SetEndOfFile
CreateEventW
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
SetLastError

advapi32

RegCloseKey
RegDeleteKeyA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExW

gdi32

DeleteObject
SetBkColor
DeleteDC
GetStockObject
SetTextColor
CreateCompatibleDC
SelectObject
CreateSolidBrush
SetBkMode
GetDeviceCaps

ole32

CoUninitialize
CoCreateInstance

Sections

.text
Size: 15KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 815KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190547c57176f2f3e581ba8af6ebb74b

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

advapi32

gdi32

ole32

Sections

.text Size: 15KB - Virtual size: 336KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 815KB - Virtual size: 814KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 15KB - Virtual size: 336KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 815KB - Virtual size: 814KB

.rsrc
Size: 10KB - Virtual size: 9KB