6b973cad3285b01b5207910d1f78158d

Sharing

Copy URL Twitter E-mail

General

Target

6b973cad3285b01b5207910d1f78158d
Size

44KB
MD5

6b973cad3285b01b5207910d1f78158d
SHA1

538f384424e41fb7a9f627c33909b8ee7cf8f7fd
SHA256

39ca71ea1b36d5b88ea81eb8c8201e2ea844bab5e80fba4c8fcf0b11de5ed8f0
SHA512

020a482c4333fdcb6092058621fc565619ac4a5e66370eb5f64280f64ba9232bc9b2c1ba986468f41ae8ecb204c924647ee2b486498187ce2e121f0e674b91a1
SSDEEP

768:MSnSqkRTRWgoaJv2m4+2IOyTl70fQX3jrskW9Qpo9UHe27:wqkRTRWEJv72lol7kQHfkWoKHew

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b973cad3285b01b5207910d1f78158d

Files

6b973cad3285b01b5207910d1f78158d
.dll windows:5 windows x86 arch:x86

21ff393fc8a11f4eb263bef475f34bba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
DisableThreadLibraryCalls
LoadLibraryA
MultiByteToWideChar
IsValidCodePage
GetVersion
VirtualAlloc
CloseHandle
GetUserDefaultLangID
GetProcAddress
GetDriveTypeA
FileTimeToLocalFileTime
GetVersionExA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLastError
GetModuleHandleA
HeapReAlloc
GetOEMCP
GetACP
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
RtlUnwind

user32

GetClientRect
GetForegroundWindow
MessageBoxA

gdi32

Rectangle

ole32

CoTaskMemAlloc
CoInitialize

Exports

Exports

GetStats
_Format

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSWAP1
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSWAP2
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21ff393fc8a11f4eb263bef475f34bba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

BSWAP1 Size: 9KB - Virtual size: 9KB

BSWAP2 Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

BSWAP1
Size: 9KB - Virtual size: 9KB

BSWAP2
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB