6de00ccdea2603e91f816bc73da66adb

General

Target

6de00ccdea2603e91f816bc73da66adb
Size

74KB
MD5

6de00ccdea2603e91f816bc73da66adb
SHA1

bc2d941734e3c1b7078c878725b633664ec6ccad
SHA256

cb60c9c7d9bd7205b37bc785aed354abf211b6a750525cd3c57d073aa230034c
SHA512

fce96aeb0ba180e707c99f79f5622b1c96eec7aca56de27afee2489618e94e4cddb3f2ea94fd3f74b94f7cfad168014d3d8350c69116908b3569ca886439b983
SSDEEP

1536:isqi7vxdUJa3gTt8zto5HhC4rHYgcde0qaD/:LZpdJ3gTt8hoXx4gRVaD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6de00ccdea2603e91f816bc73da66adb

Files

6de00ccdea2603e91f816bc73da66adb
.exe windows:4 windows x86 arch:x86

492d05d31c9fa0021a9fbc016f801177

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegEnumValueW
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueA
RegCreateKeyExA
RegReplaceKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteKeyW
RegDeleteValueA
RegGetKeySecurity
RegCreateKeyW
RegQueryValueExW
RegQueryValueW
RegDeleteKeyA
RegOpenKeyW
RegEnumKeyW

user32

GetDC
CopyIcon
AppendMenuW
CopyRect
CalcMenuBar
DrawIcon
DrawTextW
CopyImage
LoadCursorA
LoadMenuA
CreateIcon
InsertMenuA
AlignRects
GetMenu
GetDlgItem
DialogBoxParamA
GetWindowTextLengthA
IsMenu
DrawIconEx
CloseWindow
DialogBoxParamW

kernel32

GetACP
DeleteFileA
GetACP
GetCommandLineA
GetACP
GetFileAttributesA
GetACP
GetFileType
GetACP
GetStringTypeW
GetACP
lstrcpynA
GetACP
lstrcmpA
GetACP
GetModuleFileNameA
WideCharToMultiByte
GlobalFree
GetFileAttributesA
GetCommandLineA
FreeLibrary
lstrcpyA
GetCPInfo
GetLastError
GetModuleFileNameA
lstrcatA
GetFileType
DeleteFileA
ExitProcess
lstrcpynA
GetModuleHandleA
HeapAlloc
WideCharToMultiByte
GetLocalTime
GetModuleFileNameA
GetStringTypeW
GetFileSize
lstrcpynA
GetStdHandle
GetFileType
GetLastError
GetCPInfo
lstrlenA
lstrcatA
GetConsoleCP
lstrcmpA
ExitProcess
FreeLibrary
GetStringTypeA
lstrcmpiA
GetCommandLineA

Sections

.teat
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddta
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eaata
Size: 2KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idada
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492d05d31c9fa0021a9fbc016f801177

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.teat Size: 15KB - Virtual size: 14KB

.rddta Size: 46KB - Virtual size: 46KB

.eaata Size: 2KB - Virtual size: 58KB

.idada Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 4KB

.teat
Size: 15KB - Virtual size: 14KB

.rddta
Size: 46KB - Virtual size: 46KB

.eaata
Size: 2KB - Virtual size: 58KB

.idada
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 4KB