6e8e15bde42db63fd54a97037186a10f

General

Target

6e8e15bde42db63fd54a97037186a10f
Size

80KB
MD5

6e8e15bde42db63fd54a97037186a10f
SHA1

50fae37c0f35c43e6ba0f3ed166028968b98d7ea
SHA256

2afa00449331947acaebe5b69bc26124217d5506eced65c104bd1d5b97f21735
SHA512

f78d54ab1a41dafe1ddd1511aa78c30d9ab94a41de58d92f0f2fe6dcf61abd04501e31e832b7fbaddf1c3c5a1e5265971c9f5438a0fe22cd408cee2496a0ae41
SSDEEP

1536:uTFjnG54ia75P75GIOy3iY5hzOSC7QHLrkNqv/RwVS84b7:QG5U1P75RJ5h6QrrkNe/RgS8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e8e15bde42db63fd54a97037186a10f

Files

6e8e15bde42db63fd54a97037186a10f
.exe windows:4 windows x86 arch:x86

176d15ccfe47fb1ae0c5b0c7da322f10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
MapViewOfFileEx
OutputDebugStringA
GetPrivateProfileIntA
GetFullPathNameA
VirtualProtect
WaitForSingleObject
CompareStringA
GetExitCodeThread
GetLastError
HeapCreate
VirtualAlloc
GetModuleHandleA
GetBinaryType
GetPrivateProfileSectionA
IsBadHugeWritePtr
CreateFileMappingA
VirtualFree
ExitProcess
TlsAlloc
InterlockedCompareExchange
FindResourceW
GetFileSize
DeleteCriticalSection
GetModuleHandleW
IsDBCSLeadByte

msvcrt

atan
fputs
isupper
_sopen
ftell
isalnum
setvbuf
ispunct
fwprintf
isprint
_Getmonths
_mbsnicoll
exp
_wfindfirst64
longjmp
_hypot
memcpy
isspace

user32

AdjustWindowRect
GetDlgItemInt
LoadStringA
SetWindowTextW
GetNextDlgTabItem
ModifyMenuW
OpenIcon
CharNextA
ReleaseDC
LoadStringW

gdi32

SetPixel
GetStockObject
GetNearestPaletteIndex
SetRectRgn
GetTextMetricsW
SetDIBits
GetObjectW

Exports

Exports

Wfar
ZpQamwBixpdyuRfjdlarKpd
FhwcDcy

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 870B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

176d15ccfe47fb1ae0c5b0c7da322f10

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 870B

.debug Size: 1KB - Virtual size: 1KB

.rsrc Size: 46KB - Virtual size: 45KB

.reloc Size: 512B - Virtual size: 160B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 870B

.debug
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 46KB - Virtual size: 45KB

.reloc
Size: 512B - Virtual size: 160B