6d947cabf5406710d2265dad9902b78d

Sharing

Copy URL Twitter E-mail

General

Target

6d947cabf5406710d2265dad9902b78d
Size

137KB
MD5

6d947cabf5406710d2265dad9902b78d
SHA1

f71121ecdf53087cd5d9fcab3451a1a78931e7c1
SHA256

638e0ee5f0a106e74ea1f50f979ec7a00a2ab95e949e3e09bc7e9c18f0fc678a
SHA512

84e065aa6c58ae8a77220ca279c7e3c6f105ec51d49ec1e87a5130e7b6e4fa989e755aafc8ecd19aea83e59241473e540f64134ea55d3ce656e8e903e2bb2bf8
SSDEEP

3072:R1fYPewuENXwJE1iKpS944U+bTo5o7YEh29ii7YpMRqsv:R1QPewzNXwJE1iKpuTonA291z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d947cabf5406710d2265dad9902b78d

Files

6d947cabf5406710d2265dad9902b78d
.exe windows:4 windows x86 arch:x86

7839a77e0af862915c33ff795d2268d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetStartupInfoA
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
SetCurrentDirectoryA
CompareStringA
SetHandleCount
FileTimeToDosDateTime
SetLastError
lstrcmpiA

msvcrt

__p__fmode
strcpy
_adjust_fdiv
_purecall
__getmainargs
log
_setjmp3
sprintf
_except_handler3
__setusermatherr
_XcptFilter
_initterm
__set_app_type
exit
__p__commode
_acmdln
fwrite

user32

RemovePropA
GetWindow
GetCursorPos
GetIconInfo
GetMessagePos
SendDlgItemMessageA
SetClassLongA
UnregisterClassA
DrawFrameControl
ScrollWindow
GetSubMenu

shell32

SHBrowseForFolder
SHGetPathFromIDList
SHFileOperationA
ShellExecuteA
ShellExecuteExA
DoEnvironmentSubstW
ExtractIconW
SHFileOperationW

ole32

CoGetInterfaceAndReleaseStream
IsAccelerator
CoTaskMemFree
CoInitialize
CoRegisterClassObject
CoSetProxyBlanket
CoInitializeEx

advapi32

CloseServiceHandle
AllocateAndInitializeSid
OpenThreadToken
CheckTokenMembership
RegQueryValueExW
InitiateSystemShutdownA
QueryServiceStatus
RegCreateKeyExA

oleaut32

SetErrorInfo
VariantClear
GetErrorInfo
SafeArrayRedim

version

GetFileVersionInfoSizeW
VerLanguageNameA
VerInstallFileA
VerInstallFileW
GetFileVersionInfoSizeA
GetFileVersionInfoA

gdi32

GetTextExtentExPointW
TextOutA
SetEnhMetaFileBits
ExtFloodFill
FillPath

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_DragLeave
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Create

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7839a77e0af862915c33ff795d2268d3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

ole32

advapi32

oleaut32

version

gdi32

comctl32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 24KB - Virtual size: 24KB