6f96debec0ecc7d9e994a9027c872175

Sharing

Copy URL Twitter E-mail

General

Target

6f96debec0ecc7d9e994a9027c872175
Size

108KB
MD5

6f96debec0ecc7d9e994a9027c872175
SHA1

460c9290a3de9cc63150ae7a976905246ff717b4
SHA256

4f92c3f677c0407fcb1763ab5cf8c5bde4aff409ca7908f44e7104b308591171
SHA512

93782d9342979e4b41eb15ed679cba725d2f400a2be6dc322177d2429db1a871c9bfae30417a54a35d5b18f54a6f56263e8b742e25c5212a30a922636cdf908c
SSDEEP

1536:9Ily2lGtgJmKIY1F4b13WP/4oxllB00p:9Oy2ldQbZWPAoLM0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f96debec0ecc7d9e994a9027c872175

Files

6f96debec0ecc7d9e994a9027c872175
.exe windows:4 windows x86 arch:x86

6e017c6f81b5b99164273dacb54da3cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
MulDiv
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetWindowsDirectoryA
GetLogicalDrives
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
GetLastError
HeapSize
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapFree
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GetFileAttributesA
GetDriveTypeA
CreateFileA
CloseHandle
DeviceIoControl
Beep
GetEnvironmentStrings
GetSystemDirectoryA
DeleteFileA
WinExec
Sleep
GetEnvironmentStringsW
GetVersion

user32

EndDialog
SetDlgItemTextA
DialogBoxParamA
BeginPaint
GetClientRect
FillRect
MoveWindow
DrawTextA
EndPaint
PostQuitMessage
SendMessageA
GetSystemMetrics
LoadCursorA
MessageBoxA
ShowWindow
UpdateWindow
SetWindowPos
wsprintfA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetActiveWindow
FindWindowA
DefWindowProcA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadMenuA
GetSubMenu
DestroyMenu
SetMenuDefaultItem
LoadStringA
KillTimer
LoadIconA
DestroyWindow
CreateWindowExA
RegisterClassExA
RegisterWindowMessageA

gdi32

CreateFontA
CreateSolidBrush
SetBkMode
SelectObject
SetTextColor
GetDeviceCaps

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegCloseKey

shell32

Shell_NotifyIconA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e017c6f81b5b99164273dacb54da3cb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 28KB

.rsrc Size: 32KB - Virtual size: 60KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 28KB

.rsrc
Size: 32KB - Virtual size: 60KB