6bcdb99c2578ee74c79f74717bccf83e

Sharing

Copy URL Twitter E-mail

General

Target

6bcdb99c2578ee74c79f74717bccf83e
Size

455KB
MD5

6bcdb99c2578ee74c79f74717bccf83e
SHA1

d531e2ef9f07c630ebe202cfd889ce3bb64e0976
SHA256

786b7db130058a24b0ee5b901873ff0a30745d839bfb9e5c47fcca3a9302af04
SHA512

01df5dad8408147ce0e630f6ee01cbc8ef939d82fba2109b8d84bb61b7f12020355a37007840543abd9e0014eef04553f95ad445aa5873e8b1fde91582993f63
SSDEEP

12288:3pRy1IG3RnxPWMMtd5JR0SXXQTl8eKTDsg0dAE5ddr5T68ncsy:32rnetdt0SX45wDsg0dZrRn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bcdb99c2578ee74c79f74717bccf83e

Files

6bcdb99c2578ee74c79f74717bccf83e
.exe windows:4 windows x86 arch:x86

53fa73abd6176130697851f8d414ec74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
EnterCriticalSection
LCMapStringA
CompareStringW
RtlUnwind
GetUserDefaultLCID
CompareStringA
GetCurrentProcess
GetStringTypeA
VirtualAlloc
OutputDebugStringA
IsValidCodePage
HeapReAlloc
GetLocaleInfoW
EnumResourceLanguagesA
GetLocaleInfoA
GetACP
MultiByteToWideChar
GetModuleFileNameA
GetCommandLineA
GetTimeZoneInformation
ExitProcess
GetEnvironmentStrings
GetTimeFormatA
HeapDestroy
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeW
FreeEnvironmentStringsW
InterlockedDecrement
QueryPerformanceCounter
TlsSetValue
SetHandleCount
GetEnvironmentStringsW
SetFilePointer
TlsFree
FreeEnvironmentStringsA
HeapAlloc
GetStartupInfoA
HeapFree
LockResource
SetConsoleCtrlHandler
GetCurrentProcessId
CloseHandle
GetVersionExA
GetSystemInfo
SetStdHandle
InitializeCriticalSection
FlushFileBuffers
GetFileType
HeapCreate
GetCPInfo
VirtualProtect
SetLastError
GetComputerNameA
DebugBreak
WriteFile
WideCharToMultiByte
VirtualFree
GlobalSize
FillConsoleOutputAttribute
SetEnvironmentVariableA
GetThreadTimes
EnumResourceNamesA
EnumSystemLocalesA
HeapValidate
GetProcAddress
GetLastError
GetOEMCP
DeleteCriticalSection
IsValidLocale
InterlockedExchange
InterlockedIncrement
UnhandledExceptionFilter
GetStdHandle
VirtualQuery
TlsGetValue
TlsAlloc
GetSystemTime
LeaveCriticalSection
GetCurrentThreadId
IsBadReadPtr
LCMapStringW
TerminateProcess
GetDateFormatA
IsBadWritePtr
GetConsoleScreenBufferInfo
GetModuleHandleA

gdi32

StrokePath
GetAspectRatioFilterEx
GetObjectW
SetBitmapBits
SetICMProfileA
IntersectClipRect
PolyTextOutW

comdlg32

FindTextA
ChooseFontW
GetSaveFileNameW
LoadAlterBitmap
ReplaceTextA
GetFileTitleW
PageSetupDlgW
ChooseColorW
PageSetupDlgA
ChooseFontA
GetFileTitleA
PrintDlgA
GetSaveFileNameA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53fa73abd6176130697851f8d414ec74

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 5KB - Virtual size: 4KB