6bdb2c67e4608331d906327a7bbf1758

Sharing

Copy URL Twitter E-mail

General

Target

6bdb2c67e4608331d906327a7bbf1758
Size

848KB
MD5

6bdb2c67e4608331d906327a7bbf1758
SHA1

c69618334b2369d587b4a9cc4a068e58afa33dd6
SHA256

28afeaa63df465b634a5ddff931da5888fb3fed54c72695d52d9fd1c5c4ba7c1
SHA512

600cb44d6475ea016638195d15c50e46ed57eee2de959f05e2c048599d803683191e93520ac0cc410e772e72b7fde8918191c46c9692ac8ad49995bd75ea4118
SSDEEP

24576:liRLWoCRXbZfboI+SCtOCB5sWddNguHYR8Rd:liRaP1FbN+So5soMqRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bdb2c67e4608331d906327a7bbf1758

Files

6bdb2c67e4608331d906327a7bbf1758
.exe windows:4 windows x86 arch:x86

190547c57176f2f3e581ba8af6ebb74b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
VariantInit
SysFreeString
SysAllocStringLen
VariantClear

user32

SetForegroundWindow
PostQuitMessage
ReleaseDC
SetWindowPos
IsWindow
GetDC
SendMessageA
ScreenToClient
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
IsWindowEnabled
LoadStringA
EnableMenuItem
RegisterClassA
GetWindowLongA
SetTimer
DispatchMessageA
EndPaint
SetFocus
PeekMessageA
BeginPaint
DefWindowProcA
MapWindowPoints
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
GetDesktopWindow
GetFocus
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
wsprintfA
InvalidateRect
GetClientRect
CallWindowProcA
SetCursor

kernel32

VirtualProtect
GetModuleFileNameW
lstrlenW
GetEnvironmentVariableA
GetFileType
IsDebuggerPresent
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExitProcess
LoadLibraryExW
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
LoadLibraryW
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
GetUserDefaultLCID
GetCommandLineW
GetUserDefaultLangID
GetVersion
GetCurrentThreadId
GetLastError
GetSystemDefaultLCID
GetCurrentThread
GetCurrentProcess
GetCommandLineA
GetTickCount
GetCurrentProcessId
GetSystemDefaultLangID
GetModuleHandleW
VirtualAlloc
GetOEMCP
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
InterlockedExchange
GetDiskFreeSpaceA
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
GetCPInfo
LockResource
SizeofResource
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
InterlockedIncrement
CreateFileA
TlsSetValue
HeapAlloc
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetErrorMode
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
SetEndOfFile
CreateEventW
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
SetLastError

advapi32

RegCloseKey
RegDeleteKeyA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExW

gdi32

DeleteObject
SetBkColor
DeleteDC
GetStockObject
SetTextColor
CreateCompatibleDC
SelectObject
CreateSolidBrush
SetBkMode
GetDeviceCaps

ole32

CoUninitialize
CoCreateInstance

Sections

.text
Size: 15KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 815KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190547c57176f2f3e581ba8af6ebb74b

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

advapi32

gdi32

ole32

Sections

.text Size: 15KB - Virtual size: 336KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 815KB - Virtual size: 814KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 15KB - Virtual size: 336KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 815KB - Virtual size: 814KB

.rsrc
Size: 10KB - Virtual size: 9KB