6ec526ea93891ffe248157a1cc3559b9

Sharing

Copy URL Twitter E-mail

General

Target

6ec526ea93891ffe248157a1cc3559b9
Size

55KB
MD5

6ec526ea93891ffe248157a1cc3559b9
SHA1

bcf719d2f7c001ee0575580853ae3a82b4753862
SHA256

e407107400142b48132728a690cb6b6ceb2d6b871f54412670f2329cf7983f7b
SHA512

4d571d7c7449dc1fc5fce933f75f44d970362cfe149128e1ad82cd47c5790e9e1062e55bdb0083050777ef8a707c952c38d689013e568947d63df40a06ff96b7
SSDEEP

1536:IuPyTkMt0XuSZbNefj+9F0R/tsKZQQRg+g:9PyoMAjb09pg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ec526ea93891ffe248157a1cc3559b9

Files

6ec526ea93891ffe248157a1cc3559b9
.dll windows:4 windows x86 arch:x86

75207c14060050d19cdf0c912900f050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

kernel32

CreateIoCompletionPort
HeapFree
Beep
CopyFileW
CopyFileExW
CopyFileExA
CopyFileA
ConvertThreadToFiber
ConvertDefaultLocale
ContinueDebugEvent
ConnectNamedPipe
CompareStringW
CompareStringA
CompareFileTime
CommConfigDialogW
CreateMailslotW
CreateMailslotA
CreateJobObjectW
CreateJobObjectA
CreateHardLinkW
CreateHardLinkA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateFiberEx
CreateFiber
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryA
CreateConsoleScreenBuffer
HeapAlloc
GetProcessHeap

user32

ChildWindowFromPointEx
ChildWindowFromPoint
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton

msvcrt

memset

winmm

mmioInstallIOProcA

setupapi

SetupDiCreateDeviceInfoW
CM_Locate_DevNodeA
CM_Locate_DevNodeW
CM_Locate_DevNode_ExA
CM_Locate_DevNode_ExW
CM_Merge_Range_List
CM_Modify_Res_Des
CM_Modify_Res_Des_Ex
CM_Move_DevNode
CM_Move_DevNode_Ex
CM_Next_Range
CM_Open_Class_KeyA
CM_Open_Class_KeyW
CM_Open_Class_Key_ExA
CM_Open_Class_Key_ExW
CM_Open_DevNode_Key
CM_Open_DevNode_Key_Ex
CM_Query_And_Remove_SubTreeA
CM_Query_And_Remove_SubTreeW
CM_Query_And_Remove_SubTree_ExA
CM_Query_And_Remove_SubTree_ExW
CM_Query_Arbitrator_Free_Data
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Remove_SubTree
CM_Query_Remove_SubTree_Ex
CM_Query_Resource_Conflict_List
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Register_Device_Driver
CM_Register_Device_Driver_Ex
CM_Register_Device_InterfaceA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
SetupDiGetClassDescriptionA
SetupDiGetClassBitmapIndex
SetupDiEnumDriverInfoW
SetupDiEnumDriverInfoA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDrawMiniIcon
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiDestroyClassImageList
SetupDiDeleteDeviceInterfaceData
SetupDiDeleteDeviceInfo
SetupDiDeleteDevRegKey
SetupDiCreateDeviceInterfaceW
SetupDiCreateDeviceInterfaceRegKeyW
SetupDiCreateDeviceInterfaceRegKeyA
SetupDiCreateDeviceInterfaceA
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoListExA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiCreateDevRegKeyW
SetupDiCreateDevRegKeyA
SetupDiClassNameFromGuidW
SetupDiClassNameFromGuidExW
SetupDiClassNameFromGuidExA
SetupDiClassNameFromGuidA
SetupDiClassGuidsFromNameW
SetupDiClassGuidsFromNameExW
SetupDiClassGuidsFromNameExA
SetupDiClassGuidsFromNameA
SetupDiChangeState
SetupDiCancelDriverInfoSearch
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiBuildClassInfoListExW
SetupDiBuildClassInfoListExA
SetupDiBuildClassInfoList
SetupDiAskForOEMDisk
ExtensionPropSheetPageProc
CM_Unregister_Device_Interface_ExW
CM_Unregister_Device_Interface_ExA
CM_Unregister_Device_InterfaceW
CM_Unregister_Device_InterfaceA
CM_Uninstall_DevNode_Ex
CM_Uninstall_DevNode
CM_Test_Range_Available
CM_Setup_DevNode_Ex
CM_Setup_DevNode
CM_Set_HW_Prof_Flags_ExW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof
CM_Set_DevNode_Registry_Property_ExW
CM_Set_DevNode_Registry_Property_ExA
CM_Set_DevNode_Registry_PropertyW
CM_Set_DevNode_Registry_PropertyA
CM_Set_DevNode_Problem_Ex
CM_Set_DevNode_Problem
CM_Set_Class_Registry_PropertyW
CM_Set_Class_Registry_PropertyA
CM_Run_Detection_Ex
CM_Run_Detection
CM_Request_Eject_PC_Ex
CM_Request_Eject_PC
CM_Request_Device_Eject_ExW
CM_Request_Device_Eject_ExA
CM_Request_Device_EjectW
CM_Request_Device_EjectA

Exports

Exports

oeiiwdxls

Sections

.code
Size: 45KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75207c14060050d19cdf0c912900f050

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

msvcrt

winmm

setupapi

Exports

Exports

Sections

.code Size: 45KB - Virtual size: 134KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1B

.data Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 776B

.reloc Size: 1024B - Virtual size: 980B

.code
Size: 45KB - Virtual size: 134KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1B

.data
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 1024B - Virtual size: 980B