6e6c6dc982a5b1f9635f6568cb847473

Sharing

Copy URL

Twitter E-mail

General

Target

6e6c6dc982a5b1f9635f6568cb847473
Size

67KB
MD5

6e6c6dc982a5b1f9635f6568cb847473
SHA1

f75f96d4b7d83fd574f26de9e00aa897ab1ef2ff
SHA256

db8849ba83a2cae1575653ffa0b9cca273f3e00429892e4fd0087c93cc88c94e
SHA512

6a68d4836862414a0137e4cd7868d4af0fa1f14d58f8d676798a60f0aa8279296516d5a76c78d5bf602763781d38add6a55e4e3d71d3fbd79f6525d68ac926e3
SSDEEP

768:qNjG4lDDe0ObeXAkRBNlNAaQHdQG1MujG/cYgug/+j1mmiR78B3VTlQS3jpeXGx0:4Je0ObAR7SxmcYPg0Qd0hlEpt8U4y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e6c6dc982a5b1f9635f6568cb847473

Files

6e6c6dc982a5b1f9635f6568cb847473
.exe windows:5 windows x86 arch:x86

8781f2bafa0a5bf0ee908d31a5da8832

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetParent
UnloadKeyboardLayout
CharUpperW
InSendMessageEx
GetScrollPos
GetWindowRect
MapVirtualKeyA
GetClassNameW
PostThreadMessageW
DrawFrameControl
CharToOemBuffA
EnableMenuItem
IsWindowUnicode
LoadIconA

ntdll

_stricmp
memset

shlwapi

PathMakePrettyW
StrSpnA

kernel32

FileTimeToSystemTime
GetCurrentThreadId
ExitProcess
OpenFileMappingW
GetLocalTime
SetSystemTime
InterlockedExchangeAdd
InterlockedExchange
lstrlenA
OpenFileMappingA
GetCurrentProcessId

gdi32

EnumFontsW
GetCurrentObject
ScaleViewportExtEx
SelectPalette
CreateFontIndirectW
SaveDC

Exports

Exports

?_tp_q_cu_I_tmj_v_v@@YGIJ@Z
?KKY__VFI@@YGXK@Z
?P_JytmucRnihfr__@@YGEJF@Z
?CSERPi_XMVWQJUYN@@YGKJPAN@Z
?HI_VswOZ@@YGPAFPAF@Z
?H___LWOOBBX_SZGX_d@@YGKPAGPAI@Z

Sections

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8781f2bafa0a5bf0ee908d31a5da8832

Headers

File Characteristics

Imports

user32

ntdll

shlwapi

kernel32

gdi32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 22KB

.data Size: 28KB - Virtual size: 96KB

.rdata Size: 10KB - Virtual size: 10KB

.edata Size: 512B - Virtual size: 346B

.import Size: 1024B - Virtual size: 948B

.rsrc Size: 9KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 22KB

.data
Size: 28KB - Virtual size: 96KB

.rdata
Size: 10KB - Virtual size: 10KB

.edata
Size: 512B - Virtual size: 346B

.import
Size: 1024B - Virtual size: 948B

.rsrc
Size: 9KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 1KB