f6aa6e8a3270bc871fc2c4ba31da0167

Sharing

Copy URL Twitter E-mail

General

Target

f6aa6e8a3270bc871fc2c4ba31da0167
Size

259KB
MD5

f6aa6e8a3270bc871fc2c4ba31da0167
SHA1

2e6267f58e35ff2b8e3c20d2fde254ef7e829b2a
SHA256

3ddece54fb4e16215395a7dd1ff2efa01db3d722b1791a7315376dddbb0ce042
SHA512

0d8262fc52d82af69abf43cc31c5c4a19fd0a25d2c3026e0aedffb35349770c3489e1afc62d310234212fa95dfdb1c8e053e704724a3a7324d867439e03e1c4e
SSDEEP

6144:uNtJIZHTutDjIzebMsoM0xiXqVL5+IuwHpuXNjUl3w:OK+Dczebnd0AXqVd+IZwjUW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6aa6e8a3270bc871fc2c4ba31da0167

Files

f6aa6e8a3270bc871fc2c4ba31da0167
.exe .js windows:4 windows x86 arch:x86 polyglot

be0347c9d016da86a19fe9ba1649175f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance

kernel32

HeapReAlloc
GetOverlappedResult
CreateEventW
EnterCriticalSection
CloseHandle
FindResourceExW
GetSystemInfo
GetFileSize
UnregisterWaitEx
ResumeThread
LockResource
HeapDestroy
UnhandledExceptionFilter
WaitForSingleObjectEx
LoadResource
GetThreadContext
SetNamedPipeHandleState
GetModuleHandleW
VirtualFree
HeapFree
TlsGetValue
SuspendThread
GetSystemTimeAsFileTime
CancelIo
CreateWaitableTimerW
RaiseException
HeapSize
SizeofResource
SetThreadPriority
TlsSetValue
GetCurrentThreadId
OutputDebugStringA
OpenThread
FindResourceW
GetTimeZoneInformation
GetStdHandle
IsDebuggerPresent
SetWaitableTimer
WriteFile
RtlCaptureContext
GetProcessHeap
CreateFileW
GetFileType
GetThreadTimes
ReadFile
ReleaseSemaphore
VirtualAlloc
LeaveCriticalSection
RegisterWaitForSingleObject
CancelWaitableTimer
DeleteCriticalSection
HeapAlloc
CreateSemaphoreA
TlsAlloc
GetCommandLineW
lstrlenA
WaitForSingleObject
SetUnhandledExceptionFilter
VirtualAllocEx
GetModuleHandleA

winmm

timeGetTime

user32

MessageBoxW

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

advapi32

RegEnumKeyW
RegOpenKeyExW
TraceMessage
GetTraceEnableLevel
RegQueryValueExW
GetTraceLoggerHandle
RegEnumValueW
UnregisterTraceGuids
RegCloseKey
RegQueryInfoKeyW
RegisterTraceGuidsW
GetTraceEnableFlags
ControlTraceW

shlwapi

PathAddBackslashW

winspool.drv

DocumentEvent
GetPrinterDriverDirectoryA
SplDriverUnloadComplete
GetPrinterDriverA
DocumentPropertiesA
EndDocPrinter
SetDefaultPrinterA
GetPrintProcessorDirectoryW
AddPortExA
FlushPrinter
DeletePrinterDataExW
StartDocPrinterW

softpub

SoftpubDefCertInit
DllUnregisterServer
OpenPersonalTrustDBDialog

Sections

.LPfxR
Size: 512B - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.eJCh
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ

.lrHXO
Size: 512B - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qVBxg
Size: 1024B - Virtual size: 759B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YpaQGG
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EPUG
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Kkqg
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CKOc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkSR
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FLjQRU
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BiSHzYR
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be0347c9d016da86a19fe9ba1649175f

Headers

File Characteristics

Imports

ole32

kernel32

winmm

user32

oleaut32

advapi32

shlwapi

winspool.drv

softpub

Sections

.LPfxR Size: 512B - Virtual size: 15KB

.eJCh Size: 2KB - Virtual size: 24KB

.lrHXO Size: 512B - Virtual size: 21KB

.text Size: 19KB - Virtual size: 19KB

.qVBxg Size: 1024B - Virtual size: 759B

.YpaQGG Size: 512B - Virtual size: 463B

.EPUG Size: 2KB - Virtual size: 2KB

.Kkqg Size: 3KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 120KB

.CKOc Size: 2KB - Virtual size: 2KB

.rdata Size: 208KB - Virtual size: 208KB

.hkSR Size: 3KB - Virtual size: 2KB

.FLjQRU Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.BiSHzYR Size: 1024B - Virtual size: 783B

.LPfxR
Size: 512B - Virtual size: 15KB

.eJCh
Size: 2KB - Virtual size: 24KB

.lrHXO
Size: 512B - Virtual size: 21KB

.text
Size: 19KB - Virtual size: 19KB

.qVBxg
Size: 1024B - Virtual size: 759B

.YpaQGG
Size: 512B - Virtual size: 463B

.EPUG
Size: 2KB - Virtual size: 2KB

.Kkqg
Size: 3KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 120KB

.CKOc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 208KB - Virtual size: 208KB

.hkSR
Size: 3KB - Virtual size: 2KB

.FLjQRU
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.BiSHzYR
Size: 1024B - Virtual size: 783B