6e1e8fde2ea941242cfb2a1c9080316c

General

Target

6e1e8fde2ea941242cfb2a1c9080316c
Size

162KB
MD5

6e1e8fde2ea941242cfb2a1c9080316c
SHA1

8905b299ea62c08688936acf2f03f7773c32dd02
SHA256

768d9086c24df89b8cd768308320ff0eedd62100732248ed8541ddf6fdc94e71
SHA512

693fa99a2e716601925c891e572bd6ef284adc180937020981835ef009a6aa6515ee112fb8f9062429371b25697f2b36a6a6637f24023dca4b51aa7a0572cff0
SSDEEP

3072:p1aK0X6XH9ewDimPeypy6Lend712n/gWJYF/KfNQROuAIA0iFBVOg:p1H0MdtLG0y5712/gWJ6WmRwhbBQg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e1e8fde2ea941242cfb2a1c9080316c

Files

6e1e8fde2ea941242cfb2a1c9080316c
.exe windows:4 windows x86 arch:x86

8d18340134e9479a681dc8ae36de4ea9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueA
OpenSCManagerA
OpenServiceA
GetUserNameA
OpenProcessToken

ole32

CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoInitialize

user32

GetKeyNameTextA
ChangeDisplaySettingsA
ShowWindow
MessageBoxA

kernel32

FindClose
Sleep
SetFileAttributesA
HeapFree
DeleteFileA
FindFirstFileA
TerminateProcess
GetEnvironmentVariableA
DosDateTimeToFileTime
SetEvent
GetSystemTime
ExitVDM
DeviceIoControl
DeleteCriticalSection
SetLastError
CreateDirectoryA
FindNextFileA
ExitProcess
GetFileSize
QueryPerformanceCounter
SetErrorMode
CreateEventA
GetFileAttributesA
QueryDosDeviceA
SetFileTime
CreateFileA
GetDriveTypeA
GetProcessHeap
MoveFileA
SystemTimeToFileTime
MoveFileExA
WaitForSingleObject
LocalFileTimeToFileTime
ReadFile
CreateEventW
CopyFileA
FormatMessageA
LeaveCriticalSection
GetExitCodeProcess
SetFilePointer
WaitForMultipleObjects
GetTickCount
HeapAlloc
SetUnhandledExceptionFilter
RemoveDirectoryA
GetLastError
SetEndOfFile
WriteFile
GetModuleHandleA
GetCurrentThreadId
FlushFileBuffers
OpenEventA
GetCurrentDirectoryA
SetEnvironmentVariableA
FreeLibrary
EnterCriticalSection
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime
CloseHandle
GetCurrentProcess
GetVersionExA
CreateThread
GetCurrentProcessId
CreateProcessA
GetThreadSelectorEntry
GetModuleFileNameA
SetConsolePalette
GetDiskFreeSpaceA
GetCommandLineA
GetSystemDirectoryA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 146KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d18340134e9479a681dc8ae36de4ea9

Headers

File Characteristics

Imports

advapi32

ole32

user32

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 116KB

.rsrc Size: 2KB - Virtual size: 1KB

.text1 Size: 146KB - Virtual size: 271KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 116KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text1
Size: 146KB - Virtual size: 271KB