6f71b0270a4a97acb82e6b907fd09b41

Sharing

Copy URL

Twitter E-mail

General

Target

6f71b0270a4a97acb82e6b907fd09b41
Size

392KB
MD5

6f71b0270a4a97acb82e6b907fd09b41
SHA1

0434f10a84bfba1fe225789ee7fff7bef6c9c5a9
SHA256

ddd107a65f7db1a5ebfcf568aa83603ee5fa5d305d8f5f0ee2503c4792b560b1
SHA512

9da21fdd288d302bad883ec48df013bc7719433eebf08c574b11a44e8a93ea04c70ebd00f7f077b23e2b5494b6e078a54348360b16e8524d445538f3e685f174
SSDEEP

6144:774+JWH8oT3GseMGf1hvA5Q4OZqzZejqanKg3MFtnKauN:34+JQRTlnGf1hvSOZqzMf8FwauN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f71b0270a4a97acb82e6b907fd09b41

Files

6f71b0270a4a97acb82e6b907fd09b41
.exe windows:4 windows x86 arch:x86

3fa1831ca2a92a7ec82c107cbb9f7667

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetDriveTypeA
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
DuplicateHandle
GetThreadLocale
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FindNextFileW
FindFirstFileW
FindClose
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
lstrcpynW
EnterCriticalSection
FormatMessageW
LocalFree
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GlobalUnlock
GlobalFree
InterlockedExchange
LockResource
FindResourceW
LoadResource
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
GetCurrentThread
GetCurrentThreadId
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
VirtualProtect
GetTickCount
CreateToolhelp32Snapshot
GetLastError
Process32FirstW
DeleteFileW
CopyFileW
GetProcAddress
Thread32First
OpenThread
QueueUserAPC
Thread32Next
CloseHandle
Process32NextW
GetModuleHandleW
SetHandleCount
Sleep

user32

CharUpperW
RegisterClipboardFormatW
PostThreadMessageW
LoadStringW
GetSysColorBrush
PtInRect
GetClassNameW
LoadCursorW
GetDesktopWindow
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
DestroyMenu
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
RegisterWindowMessageW
OffsetRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
GetFocus
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostQuitMessage
PostMessageW
FindWindowW
GetWindowThreadProcessId
wsprintfW
LoadIconW
EnableWindow
GetClientRect
IsIconic
SendMessageW
DrawIcon
PeekMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
GetDlgCtrlID
UnregisterClassW

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetTextColor
GetBkColor
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
DPtoLP
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

AdjustTokenPrivileges
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW

comctl32

ord17

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

wininet

InternetCloseHandle
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenUrlW

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fa1831ca2a92a7ec82c107cbb9f7667

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 24KB - Virtual size: 20KB

.vmp0 Size: 128KB - Virtual size: 124KB

.reloc Size: 4KB - Virtual size: 104B

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 24KB - Virtual size: 20KB

.vmp0
Size: 128KB - Virtual size: 124KB

.reloc
Size: 4KB - Virtual size: 104B