6fc4fc92d35688fb3805d085ed3ec186

General

Target

6fc4fc92d35688fb3805d085ed3ec186
Size

121KB
MD5

6fc4fc92d35688fb3805d085ed3ec186
SHA1

763936e4286e5e6ad296faa920a2deaa8ecce104
SHA256

3a573370cd645db75ba89008a09590a03ef1a7c071d41e6c71e386e5e36fde3f
SHA512

6bd7b81e193a695552b7eca6739043215b8e959c58c4506a2fa2fc2e982b3d1e8130761153577c61880da649fb7ba3dde3aaec5653229eb87cb60bdcb228c6bb
SSDEEP

1536:Ao6bnwyWXHDSlErMWqHqPYUjd4Zs8+TogzWcoIOpeS9g54n1Q7PWzbsdNoeJuCwC:esD3rMcmx+T/TOl9gW1Q70bYNoew

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc4fc92d35688fb3805d085ed3ec186

Files

6fc4fc92d35688fb3805d085ed3ec186
.exe windows:4 windows x86 arch:x86

4dc251f3e9bf144c1c6fbdcbdab4403d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BringWindowToTop
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
GetClassNameA
GetWindowTextA
EnumWindows
GetMenu
IsWindow
SendMessageA
FindWindowExA
FindWindowA

msvcrt

strcspn
_splitpath
fprintf
_iob
toupper
wcslen
__dllonexit
_onexit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strtoul
strcpy
atoi
strcat
wcscat
_EH_prolog
__CxxFrameHandler
malloc
strstr
fopen
fputs
fclose
free
strcmp
sscanf
memcpy
srand
strncpy
strtok
memset
rand
_snprintf
strlen
sprintf
strncat
_vsnprintf
strchr
_strlwr
strrchr
fseek
ftell
memcmp
fread
??2@YAPAXI@Z
_exit

kernel32

GetSystemDirectoryA
ReleaseMutex
GetStartupInfoA
CopyFileA
GetWindowsDirectoryA
GetFileTime
SetFileTime
GetFileAttributesA
ExpandEnvironmentStringsA
GetCurrentThread
GetCurrentProcess
TerminateProcess
OpenProcess
SetFileAttributesA
DeleteFileA
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetLocaleInfoA
CreateProcessA
WaitForSingleObject
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
GetTempPathA
ExitProcess
TerminateThread
TransactNamedPipe
MultiByteToWideChar
CreateFileA
WriteFile
CloseHandle
WinExec
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
ExitThread
GetModuleFileNameA
CreateThread
Sleep
lstrcmpiA
GetTickCount
CreateMutexA

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4dc251f3e9bf144c1c6fbdcbdab4403d

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 63KB - Virtual size: 475KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 63KB - Virtual size: 475KB