6b8ffa85ca892456be0a90ff50fe03bc

Sharing

Copy URL Twitter E-mail

General

Target

6b8ffa85ca892456be0a90ff50fe03bc
Size

22KB
MD5

6b8ffa85ca892456be0a90ff50fe03bc
SHA1

bebf4377bdbb0d1bdd99e7f8ac6347e740cca395
SHA256

e9ad2aeef4878ad133dae6e8867dccf6f587b8310ae743dc199089d59edad5e6
SHA512

fbcf7e4141394357081969b1c0b391074c054e5520b41b0c2817ca047e55579637d70c801fbd8fcb4a1212e24b998a3851cc348f42dcc957f6da9380fead65ad
SSDEEP

384:303D9IoTnAEurg7FlQG4+u8aCCypASvkgU8ZH7Trmlh3PBbGDi5FreK:303Jqfrg++DaCiV6frmlbWi5l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b8ffa85ca892456be0a90ff50fe03bc

Files

6b8ffa85ca892456be0a90ff50fe03bc
.exe windows:5 windows x86 arch:x86

a54241f3ad8202603249d8067c3ba7d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

??_F?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
?exp@std@@YA?AV?$complex@O@1@ABV21@@Z
??1ios_base@std@@UAE@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
??1?$ctype@G@std@@UAE@XZ
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIXZ
??0overflow_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_LPoly
??Kstd@@YA?AV?$complex@N@0@ABV10@ABN@Z
_LNan
?is_open@?$basic_ifstream@GU?$char_traits@G@std@@@std@@QBE_NXZ

netapi32

NetGroupAddUser
I_BrowserQueryEmulatedDomains
NetApiBufferFree
NetDfsGetDcAddress
DsMergeForestTrustInformationW
NetSessionEnum
NetReplImportDirEnum
NetpDbgPrint
DsRoleGetPrimaryDomainInformation
I_NetDatabaseSync
NetpGetConfigTStrArray
NetLocalGroupAdd
I_NetDatabaseSync2

shlwapi

PathMakePrettyA
PathIsRootW
PathAppendA
StrCpyW
StrPBrkA
PathIsURLW
StrCmpNIW
StrCatBuffA
SHQueryInfoKeyW
StrRetToStrW
GetMenuPosFromID
StrToIntW
PathFindOnPathA
SHEnumKeyExW
ColorAdjustLuma
PathUnmakeSystemFolderW
PathCompactPathA

kernel32

GetSystemWindowsDirectoryW
GetCurrentThreadId
UTUnRegister
QueryPerformanceCounter
LoadLibraryExW
VirtualAlloc
OpenEventA
IsWow64Process
GetFirmwareEnvironmentVariableW
SetCurrentDirectoryA
ReadProcessMemory
HeapSummary
GetCurrentProcessId
GetTickCount
GetTapeStatus
CreateFileMappingA
GetEnvironmentVariableW
GetCommandLineA
FindFirstFileW
OpenProcess

opengl32

glVertex3fv
GlmfEndPlayback
glTexCoord1i
glScaled
glNewList
glDisableClientState
glNormalPointer
glVertex3dv
glGetBooleanv
glRotatef
glTexCoord1d
glTexCoord2f
glPointSize

mmcbase

??_FSC@mmcerror@@QAEXXZ
?FatalError@SC@mmcerror@@QBEXXZ
?Lock@CEventBuffer@@QAEXXZ
?s_pDispatcher@CConsoleEventDispatcherProvider@@0PAVCConsoleEventDispatcher@@A
?GetStringModule@@YGPAUHINSTANCE__@@XZ
?ToHr@SC@mmcerror@@QBEJXZ
?MMCUpdateRegistry@@YGJHPBVCObjectRegParams@@PBVCControlRegParams@@@Z
??0SC@mmcerror@@QAE@J@Z
?SCODEFromSc@@YGJABVSC@mmcerror@@@Z
??4?$CEventLock@UAppEvents@@@@QAEAAV0@ABV0@@Z
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
?FromWin32@SC@mmcerror@@QAEAAV12@J@Z

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 659B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a54241f3ad8202603249d8067c3ba7d5

Headers

DLL Characteristics

File Characteristics

Imports

msvcp60

netapi32

shlwapi

kernel32

opengl32

mmcbase

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1024B - Virtual size: 659B

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1024B - Virtual size: 659B

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB