6fd6d74e1f023a17b48c5d89f71f8f49

General

Target

6fd6d74e1f023a17b48c5d89f71f8f49
Size

54KB
MD5

6fd6d74e1f023a17b48c5d89f71f8f49
SHA1

9e1edd29259e5c37b54b0110e40ce9bac248b5a0
SHA256

7d2a47698089e5c819269e1c49ecf1109c71d6f135dc1075776bb97401e95efd
SHA512

62904f77d7c728fd20df08315db69febf41dd71df66308242bb31903add6b9648724600e474d172c9dca5c3876c820cde6495540ab155df43def1ffc57790eae
SSDEEP

1536:3U1+JsxJxMSY+A37feaCMJDmYsLIb4PvYqHB/AdIc:3XJQJiSDADeak7dJHB/AdIc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fd6d74e1f023a17b48c5d89f71f8f49

Files

6fd6d74e1f023a17b48c5d89f71f8f49
.exe windows:4 windows x86 arch:x86

d848a519f49276fc68169f7fdbb8c6ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

GetVersion
LocalFree
LocalAlloc
CloseHandle
CreateFileA
lstrcatA
lstrlenA
GetWindowsDirectoryA
lstrcmpiA
GetVersionExA
FormatMessageA
Sleep
GetModuleHandleA
ExitProcess
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
lstrcpyA
MultiByteToWideChar
lstrcmpA
WideCharToMultiByte
lstrcpynA
WritePrivateProfileStringA
GetSystemDirectoryA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation

tapi32

lineInitialize
lineGetDevCaps
lineShutdown
lineNegotiateAPIVersion
lineGetDevConfig
lineClose
lineMakeCall
lineOpen

user32

GetWindowRect
DialogBoxParamA
GetSystemMetrics
MessageBoxA
wsprintfA
EnableWindow
SendMessageA
EndDialog
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
MoveWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d848a519f49276fc68169f7fdbb8c6ba

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ole32

shell32

tapi32

user32

version

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: - Virtual size: 44KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: - Virtual size: 44KB

.rsrc
Size: 40KB - Virtual size: 40KB