6eb84873d9171bedf9c1ba34e3be0bee

Sharing

Copy URL Twitter E-mail

General

Target

6eb84873d9171bedf9c1ba34e3be0bee
Size

220KB
MD5

6eb84873d9171bedf9c1ba34e3be0bee
SHA1

740dbd87428a20603d881fc2da0446b9af8fc718
SHA256

3f7b96cad4646085208e25fadd48e596d05d163d6cb7dfb41d13be2066159fcb
SHA512

675ae63ca77349f7ac213ac9fccc05c1a9544b837e087dd1fd296245ca8494aaf31072d9e2c4a648220f0ca2690b5eb0a4a1ff200f81b7c660c90cbbd520f464
SSDEEP

3072:YyiIL2aUStYI4kOojhmlDUaKhVV4dD+mO3teRlZhCsonznSBtn3l4:g2bukOkhK4aKhVV/lHzV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6eb84873d9171bedf9c1ba34e3be0bee

Files

6eb84873d9171bedf9c1ba34e3be0bee
.exe windows:4 windows x86 arch:x86

1665839200a65d025db1cbab5f8050be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetSecurityDescriptorLength
GetKernelObjectSecurity

kernel32

GetVolumeInformationA
GetFileAttributesA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetVersion
GetFileType
GetFileTime
ReadFile
SetConsoleMode
GetConsoleMode
FindNextFileA
GetLastError
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
lstrcpynA
GetDriveTypeA
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
MultiByteToWideChar
MoveFileA
SetStdHandle
HeapReAlloc
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetFilePointer
SetHandleCount
GetStdHandle
GetStartupInfoA
WriteFile
FlushFileBuffers
WideCharToMultiByte
UnhandledExceptionFilter
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
VirtualProtect
GetSystemInfo
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW
GetLocaleInfoW
DeleteFileA
SetFileAttributesA
GetFileInformationByHandle
PeekNamedPipe
RemoveDirectoryA
SetEnvironmentVariableW
GetCurrentDirectoryA
GetExitCodeProcess
CreateProcessA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rxxjiw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 77KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1665839200a65d025db1cbab5f8050be

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 312KB

rxxjiw Size: - Virtual size: 4KB

Size: 80KB - Virtual size: 77KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 312KB

rxxjiw
Size: - Virtual size: 4KB