6f70aa5c39c09198231e0621beb3eeca

Sharing

Copy URL Twitter E-mail

General

Target

6f70aa5c39c09198231e0621beb3eeca
Size

2.7MB
MD5

6f70aa5c39c09198231e0621beb3eeca
SHA1

ec1e930dce1ac14c2e9bf12bc4688b4c8cc17f0c
SHA256

2cb899ddd804f9b6eee099ea6a67ce965c87d1d02fa5f9c0063a1f847bc15819
SHA512

629d64b45968ce5f168dee8edfa32c1b3e333c630a193cf5e0752453975c1d5cf1d4f2acd60bb6a796a9063cd081437a454fa20d81e6575f17a7eaf21b3e2ce5
SSDEEP

49152:Qc+ToGCn3rrg0Al8sE5qrqLODPfFtJ7kWn4ce8dRR5+bLmdJWnoZSjv5HQb6u:QcZZr0l8wqLOr3J7k6df5+XmdMBv5xu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f70aa5c39c09198231e0621beb3eeca

Files

6f70aa5c39c09198231e0621beb3eeca
.exe windows:5 windows x86 arch:x86

aacf702f657501462f522d637136e841

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
SetFilePointer
GetFileSize
ReadFile
WriteFile
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
lstrcatW
GetWindowsDirectoryW
MoveFileExW
GetShortPathNameW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetVersionExW
CreateDirectoryW
GetTickCount
GetTempPathW
GetLastError
CreateEventW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
Sleep
HeapAlloc
HeapFree
GetStartupInfoW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

user32

wsprintfW
MessageBoxW
wsprintfA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aacf702f657501462f522d637136e841

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 23KB - Virtual size: 23KB