6ed3b15da0c51c2ca9bac5cbdf6c0287

Sharing

Copy URL Twitter E-mail

General

Target

6ed3b15da0c51c2ca9bac5cbdf6c0287
Size

812KB
MD5

6ed3b15da0c51c2ca9bac5cbdf6c0287
SHA1

b155a2089eb7535d5d6ae8d0d092140c91853669
SHA256

6cf96130bea5b79726245954f25b84f0bc762f55235ac3e468592db5ee4588c3
SHA512

8a6f0d2bdf1c7cca589fd178f244bd1f2b9e6eb494cc4b5245c4f2c1c44c6c06baf5115a94ce6c7d594053caedd80317f2a54dc545b56a685a77aae5e79061af
SSDEEP

12288:hxHe/g7HKvaxguVsorSfiijnVvzP7aO8APvT3nt9nm6ZAoCwq6KDADY6CAV:Xe/g7KIguVQfdVrPwAnTmI3/kAnXV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ed3b15da0c51c2ca9bac5cbdf6c0287

Files

6ed3b15da0c51c2ca9bac5cbdf6c0287
.exe windows:4 windows x86 arch:x86

64ea9f1bc7977d257f2df03c38e00506

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrcpyA
GetVersionExA
lstrlenA
DeleteFileA
FindClose
FindFirstFileA
WaitForSingleObject
CloseHandle
SetEvent
OpenEventA
lstrcatA
GetFullPathNameA
GetModuleFileNameA
GetFileAttributesA
CopyFileA
GetTempFileNameA
GetExitCodeProcess
CreateProcessA
Sleep
GetTempPathA
IsBadWritePtr
CreateFileA
IsBadStringPtrA
LockResource
LoadResource
SizeofResource
FindResourceA
WaitForMultipleObjects
CreateEventA
OpenProcess
GetCurrentProcessId
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEndOfFile
UnhandledExceptionFilter
GetProcAddress
ReadFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GetLastError
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetFilePointer
WriteFile
GetEnvironmentVariableA
HeapDestroy

user32

GetDlgItem
MessageBoxA
SendMessageA
wsprintfA
DialogBoxParamA
EndDialog
GetDlgItemTextA
SetFocus
EnableWindow
SetDlgItemTextA
GetWindowRect
GetSystemMetrics
MoveWindow
SetWindowTextA

shell32

SHGetFileInfoA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ea9f1bc7977d257f2df03c38e00506

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 36KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 36KB

.rsrc
Size: 52KB - Virtual size: 50KB