6e027391f91c32aca235da329bc87903

Sharing

Copy URL Twitter E-mail

General

Target

6e027391f91c32aca235da329bc87903
Size

252KB
MD5

6e027391f91c32aca235da329bc87903
SHA1

b908fa01521ca9e3ea3d71dca08aa202eb4f060d
SHA256

f00272f104f3bb444cce982d1955a6677e465d23d3a2f1b363081c7687dd79a3
SHA512

bd73ad5c2c40f7579fbb456882c8ce1becc6ff3893d39818e90f53cc3cc5e5c638f00f482721c303f171ea206e81ecc1cc390e532abe92b47278780ac1dad29e
SSDEEP

6144:pIU2poG0gmSaZy743Ls9mXJzqhwXJzH26TOLpTI:iUGLW3JFqidH9kpT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e027391f91c32aca235da329bc87903

Files

6e027391f91c32aca235da329bc87903
.exe windows:4 windows x86 arch:x86

92e1239c66af7474c6e4b7747eb2cd9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
HeapSize
FindFirstFileW
ReadConsoleInputA
GetTimeFormatA
DeleteCriticalSection
HeapAlloc
LoadLibraryA
VirtualFree
SetLastError
GlobalFlags
GetEnvironmentStrings
CompareStringW
GetCurrentThread
TlsSetValue
UnhandledExceptionFilter
GetCPInfo
GetVersionExA
HeapCreate
GetEnvironmentStringsA
TlsFree
GetLastError
HeapDestroy
GetLocaleInfoA
DeleteFiber
InterlockedIncrement
WriteFile
GetUserDefaultLCID
GetProcAddress
EnumSystemLocalesA
GetTimeZoneInformation
HeapFree
GetAtomNameA
GetFileType
GetStringTypeA
IsDebuggerPresent
VirtualQuery
SetHandleCount
IsValidCodePage
Sleep
GetCommandLineA
IsValidLocale
WideCharToMultiByte
GetStringTypeW
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
EnterCriticalSection
CompareStringA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
GetProcessHeap
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsAlloc
InitializeCriticalSection
GetEnvironmentStringsW
GetStartupInfoA
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetDateFormatA
GetPrivateProfileSectionNamesA
GetTickCount
InterlockedDecrement
FreeLibrary
GetOEMCP
TlsGetValue
SetUnhandledExceptionFilter
RtlUnwind
GetLocaleInfoW
GetSystemTimeAsFileTime
InterlockedExchange
SetConsoleCtrlHandler
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle

shell32

SHBrowseForFolder
ExtractAssociatedIconExW
SHFreeNameMappings
DragQueryPoint
SHGetFileInfoW

user32

ExcludeUpdateRgn
CreateWindowExA
CharNextW
EnumPropsW
CharPrevW
SystemParametersInfoA
MessageBoxW
BeginDeferWindowPos
UnionRect
SetRectEmpty
EnableWindow
CheckMenuItem
ExitWindowsEx
InsertMenuItemW
GetMenuDefaultItem
SetScrollPos
SetClipboardViewer
GetWindowInfo
GetCursor

wininet

InternetShowSecurityInfoByURL
ShowClientAuthCerts
InternetReadFileExA
FindFirstUrlCacheContainerA
InternetFindNextFileW
GetUrlCacheGroupAttributeW
CreateUrlCacheContainerA
FtpDeleteFileW
GopherGetLocatorTypeA
FtpGetCurrentDirectoryW
LoadUrlCacheContent
InternetUnlockRequestFile
FtpSetCurrentDirectoryA
InternetFortezzaCommand
SetUrlCacheConfigInfoA
GopherCreateLocatorW
UpdateUrlCacheContentPath
RetrieveUrlCacheEntryFileW
InternetSecurityProtocolToStringA

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92e1239c66af7474c6e4b7747eb2cd9a

Headers

File Characteristics

Imports

kernel32

shell32

user32

wininet

Sections

.text Size: 130KB - Virtual size: 129KB

.data Size: 114KB - Virtual size: 134KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 130KB - Virtual size: 129KB

.data
Size: 114KB - Virtual size: 134KB

.rsrc
Size: 7KB - Virtual size: 7KB