6d582ed940471a1a5f78cc7d6e486f22

Sharing

Copy URL Twitter E-mail

General

Target

6d582ed940471a1a5f78cc7d6e486f22
Size

644KB
MD5

6d582ed940471a1a5f78cc7d6e486f22
SHA1

fc47ba79a2eb644f51866074d01dec4fc14f194e
SHA256

dc5eb5334929c8d5f6a2a5ebedf05324644b616236ebdc588ba1bebab35dd492
SHA512

cc7bc89efbcc6027459d871ff9dc79cb30c6f5b6ddd7c2c7d1ea8b4c9d0a2f811b2fe43ff5a7405ce09a79671c498a8b43d3efbed14eb639a6845d8b353c9107
SSDEEP

12288:hZ31b9sI1LqZH3JXgqSoz3JgT1MFJpY4dwwRxxxKrLfzpX:htUI1LqZ3JwqSoz3JgTeFJ24dwwR7xU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d582ed940471a1a5f78cc7d6e486f22

Files

6d582ed940471a1a5f78cc7d6e486f22
.exe windows:4 windows x86 arch:x86

c5ba314d430a768b739b810a3bf3fc56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

smackw32

_SmackBufferBlit@32
_SmackClose@4
_SmackBufferFocused@4
_SmackToBufferRect@8
_SmackBufferEndMultipleBlits@4
_SmackNextFrame@4
_SmackBufferSetPalette@4
_SmackBufferClose@4
_SmackWait@4
_SmackToBuffer@28
_SmackDoFrame@4
_SmackBufferStartMultipleBlits@4
_SmackBufferNewPalette@12
_SmackColorRemapWithTrans@20
_SmackOpen@12
_SmackBufferOpen@24

wsock32

gethostbyname
send
WSAGetLastError
connect
htons
socket
recv
recvfrom
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSAStartup
ioctlsocket
WSACleanup
gethostname
sendto
ntohs
setsockopt
inet_ntoa
bind
closesocket

winmm

timeSetEvent
timeBeginPeriod
timeKillEvent
timeEndPeriod
timeGetTime

kernel32

LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReleaseMutex
CreateMutexA
AddAtomA
FindAtomA
FindClose
FindFirstFileA
DeleteCriticalSection
WaitForSingleObject
GetWindowsDirectoryA
GetVersionExA
GlobalUnlock
GlobalLock
GetTempPathA
GlobalAlloc
GetFullPathNameA
FindNextFileA
SetCurrentDirectoryA
GetVersion
Sleep
MultiByteToWideChar
IsBadCodePtr
SetEndOfFile
GetCurrentProcessId
FreeLibrary
LoadLibraryA
GetProcAddress
SetFilePointer
VirtualFree
ReadFile
GetCPInfo
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetACP
GetOEMCP
SetStdHandle
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CreateFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
GetStartupInfoA
WideCharToMultiByte
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RtlUnwind
GetStdHandle
GetCurrentThreadId
WriteFile
HeapReAlloc
RaiseException
HeapSize
GetCurrentDirectoryA
HeapFree
GetDriveTypeA
GetCommandLineA
GetModuleHandleA
HeapAlloc
InterlockedDecrement
CloseHandle
LCMapStringA
InterlockedIncrement
GetLastError
IsBadReadPtr
GetCurrentProcess
TerminateProcess
ExitProcess
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
HeapDestroy
DeleteFileA
HeapCreate

user32

TranslateAcceleratorA
SetCursor
TranslateMessage
GetMessageTime
ChildWindowFromPoint
PeekMessageA
GetSysColor
LoadStringA
CloseClipboard
GetClipboardData
RegisterClipboardFormatA
OpenClipboard
SetClipboardData
EmptyClipboard
GetFocus
GetDlgCtrlID
CheckDlgButton
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
CheckRadioButton
KillTimer
GetDlgItem
SendMessageA
DispatchMessageA
wsprintfA
GetPropA
ShowCursor
IsDialogMessageA
GetCursorPos
ScreenToClient
BeginPaint
EndPaint
MessageBoxA
SetCapture
ReleaseCapture
FlashWindow
IsIconic
ShowWindow
SetForegroundWindow
GetDC
ReleaseDC
SetWindowLongA
SetRect
GetWindowLongA
AdjustWindowRect
GetSystemMetrics
SetWindowPos
UpdateWindow
GetActiveWindow
GetMessageA
PostMessageA
GetDialogBaseUnits
GetWindowRect
EndDialog
GetClientRect
GetAsyncKeyState
GetKeyState
ClientToScreen
SetCursorPos
CallWindowProcA
GetMenu
IsChild
GetWindowPlacement
SetWindowPlacement
GetScrollRange
SetScrollPos
GetParent
GetTopWindow
SetFocus
SetPropA
MoveWindow
LoadCursorA
DestroyWindow
GetWindow
InvalidateRect
DestroyMenu
DialogBoxIndirectParamA
LoadMenuA
CreateWindowExA
LoadIconA
RegisterClassA
FindWindowA
LoadAcceleratorsA
SetScrollRange
DefWindowProcA
GetLastActivePopup
BringWindowToTop
GetUpdateRect
GetWindowTextA
EnableWindow
RedrawWindow
SetTimer
PostQuitMessage
IsWindowVisible
GetCapture
UnregisterClassA

gdi32

GetStockObject
DeleteObject
DeleteDC
StretchBlt
CreateCompatibleDC
SetDIBitsToDevice
SelectPalette
GetSystemPaletteEntries
RealizePalette
BitBlt
CreatePalette
UpdateColors
GetPaletteEntries
SetBkColor
CreateSolidBrush
SetTextColor
TextOutA
SetBkMode
GetTextExtentPoint32A
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
GetDeviceCaps
SelectObject

comdlg32

ChooseColorA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 576KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5ba314d430a768b739b810a3bf3fc56

Headers

File Characteristics

Imports

smackw32

wsock32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 576KB - Virtual size: 572KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 32KB - Virtual size: 609KB

.rsrc Size: 16KB - Virtual size: 20KB

.text
Size: 576KB - Virtual size: 572KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 32KB - Virtual size: 609KB

.rsrc
Size: 16KB - Virtual size: 20KB