6fd0a94df1bc961bc04241195436f053

Sharing

Copy URL

Twitter E-mail

General

Target

6fd0a94df1bc961bc04241195436f053
Size

647KB
MD5

6fd0a94df1bc961bc04241195436f053
SHA1

329dbc7cfc7ba95ef6cecb69aaf51e4f7bfa0066
SHA256

3beec958d7f3e741aa359a2fbb7a981cb8df61ea167e5786922155a9b4e12bfd
SHA512

951337b49bbf4dcf33320a458efce461fe99f2061a5baeea00107347d7a409cd0e26b1221011b2a3f0e6a14782ea7f97b6968a2b718fb97903cad0a429b71566
SSDEEP

12288:Tm9neOYD+kWBbGjz9enIPcaN4gpbkmYf9r8ZQlwveeYEKG1EbKhsJOve:Tm9yD+tGjz9enwBN4gNkRrsQlwWelDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fd0a94df1bc961bc04241195436f053

Files

6fd0a94df1bc961bc04241195436f053
.exe windows:5 windows x86 arch:x86

a388d89104fee3fc66088f862332a920

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

gdi32

SetBkColor
GetDeviceCaps

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
VariantClear

kernel32

ResetEvent
VirtualAlloc
Sleep
VirtualFree
FindResourceW
UnmapViewOfFile
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
SetStdHandle
LoadLibraryExW
GetLastError
LeaveCriticalSection
GetCurrentThreadId
GetExitCodeProcess
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
GetProcAddress
FindFirstFileW
CompareStringA
FindNextFileW
lstrcmpA
CompareStringW
GetProcessHeap
GlobalLock
GetEnvironmentVariableA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
FreeLibrary
lstrcmpiW
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetVersion
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
GetStartupInfoA
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
SetErrorMode
ExitProcess
CreateFileA
ExpandEnvironmentStringsA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
TlsSetValue
RtlUnwind

user32

SetCursor
CallWindowProcA
wsprintfA
InvalidateRect
IsWindowVisible
GetSysColor
MessageBoxA
SetForegroundWindow
SendMessageA
LoadCursorA
ScreenToClient
GetDlgItem
SetTimer
SetWindowTextA
SetWindowLongA
PostMessageA
GetWindowRect
IsIconic
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
SetFocus
EndPaint
DispatchMessageA
FillRect
CreateWindowExA
GetSubMenu
RegisterClassA
EnableMenuItem
LoadStringA
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
ClientToScreen
GetClientRect
MoveWindow
ReleaseDC
GetCursorPos
IsWindow
SetWindowPos
PostQuitMessage

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a388d89104fee3fc66088f862332a920

Headers

File Characteristics

Imports

advapi32

gdi32

oleaut32

kernel32

user32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 605KB - Virtual size: 605KB

.data Size: 18KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 760B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 605KB - Virtual size: 605KB

.data
Size: 18KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 760B