6eea374620c28305d218f7867e663fa6

Sharing

Copy URL

Twitter E-mail

General

Target

6eea374620c28305d218f7867e663fa6
Size

356KB
MD5

6eea374620c28305d218f7867e663fa6
SHA1

f2d0ee1a002372ba7425aa3a1e427b4354d30ea9
SHA256

e79f17cd4c3d1c083f0ce0c7c9b904f55fafa2c1a8b795b9c7135500e3c51a26
SHA512

15d097be4faa6ada522db4ebccbc546d7911558577bb1beacbae73387aaf4eb0649a12ba45d030892a861578fa86ad43c62f1fd2e04ef61b8270ab14388ad8a9
SSDEEP

6144:WXI/t3fDRbe+aSXiopLsK2xbKuRfeCnyry/NSGmySLwWeym9:PfD9e+aSXiisK2FKifeCyry1sMr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6eea374620c28305d218f7867e663fa6

Files

6eea374620c28305d218f7867e663fa6
.exe windows:4 windows x86 arch:x86

fe33020f8765aa5c535d3b8a8435e20f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

zlib

ord80
ord82
ord83
ord84
ord67
ord68
ord64
ord66
ord65
ord63
ord61
ord72
ord81
ord62

kernel32

SetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
InterlockedExchange
CompareStringA
FreeLibrary
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
EnumResourceLanguagesW
GlobalMemoryStatus
GetSystemInfo
FindClose
GetACP
MulDiv
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
ExitProcess
ReadFile
CreateThread
WriteFile
IsBadWritePtr
VirtualQuery
SetFilePointer
CloseHandle
ExitThread
SetUnhandledExceptionFilter
GetLastError
InterlockedDecrement
LoadResource
LockResource
Sleep
SetEnvironmentVariableA
FindResourceA
GlobalAddAtomA
GetProfileStringA
GetOEMCP
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LCMapStringA
InterlockedIncrement
lstrlenA
LocalFree
GlobalFree
GlobalDeleteAtom
GetCurrentThreadId
GetThreadLocale
DuplicateHandle
GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetCurrentThread
lstrcmpiA
lstrcmpA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalFlags
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
HeapFree
HeapAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

gdi32

LPtoDP
ExtTextOutA
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetBkColor
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetStockObject
GetDeviceCaps
SelectObject
GetTextColor
DPtoLP
PatBlt
GetMapMode
Escape
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
DeleteObject

user32

TranslateMessage
ScreenToClient
GetWindowRect
ShowWindow
CopyRect
GetDlgItem
OffsetRect
DestroyWindow
wvsprintfA
GetDesktopWindow
PostQuitMessage
GetParent
IsWindowVisible
GetKeyState
SetCursor
ReleaseCapture
RedrawWindow
SetCapture
BeginPaint
EndPaint
GetClientRect
ClientToScreen
AdjustWindowRectEx
MoveWindow
GetWindow
GetDlgCtrlID
GetDC
ReleaseDC
InvalidateRect
SetTimer
KillTimer
DrawTextA
GetWindowTextA
ExcludeUpdateRgn
ShowCaret
HideCaret
GetWindowTextLengthA
PtInRect
IsWindowEnabled
GetSystemMetrics
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowPlacement
IsIconic
IntersectRect
SetWindowPos
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
CallNextHookEx
SetWindowPlacement
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
GetCapture
IsChild
GetTopWindow
DrawFocusRect
SetFocus
GetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetWindowDC
InflateRect
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
GetSysColorBrush
DestroyMenu
SetRect
GetNextDlgGroupItem
MessageBeep
GetClassNameA
SendMessageA
SetWindowsHookExA
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA

ole32

CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoTaskMemFree
OleFlushClipboard

oleaut32

VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocString
SysFreeString
OleLoadPicture
SysStringLen
SysAllocStringLen
VariantCopy

oledlg

ord3
ord1

shell32

SHGetDesktopFolder

comctl32

ord17

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey

olepro32

ord253

wsock32

htonl
connect
recv
send
WSAGetLastError
inet_ntoa
htons
closesocket
gethostbyname
WSAStartup
inet_addr
gethostname
socket
WSAAsyncSelect

wininet

InternetSetOptionW
InternetOpenUrlW
InternetSetStatusCallback
InternetCrackUrlW
InternetOpenW
InternetReadFileExA
InternetCloseHandle
HttpQueryInfoW

winspool.drv

ClosePrinter

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe33020f8765aa5c535d3b8a8435e20f

Headers

File Characteristics

Imports

zlib

kernel32

gdi32

user32

ole32

oleaut32

oledlg

shell32

comctl32

advapi32

olepro32

wsock32

wininet

winspool.drv

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 28KB - Virtual size: 62KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 28KB - Virtual size: 62KB

.rsrc
Size: 32KB - Virtual size: 29KB