f6a212f76c0ed71ad65c47736b997065

General

Target

f6a212f76c0ed71ad65c47736b997065
Size

256KB
MD5

f6a212f76c0ed71ad65c47736b997065
SHA1

9a38259f486387d643ba1a7260b6bd6d085bd13a
SHA256

9d77d92ce493694b2b5a9aa45256e241e9f5b4c357aaa416b93136dc80192608
SHA512

bc1ce990e30d7e456fe6e46a35f0d35b6d8c1cbb5a0625e4d677d1ef6174c0c8ee773e62fefdd02a0146859c5e0b5a8211f2b21798160a1d1ecb971fffcdc4f3
SSDEEP

6144:yFn3r7r4n0gKgMc7n2elK3jGPM/zmfTf1CYv:qmMsS/z2Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6a212f76c0ed71ad65c47736b997065

Files

f6a212f76c0ed71ad65c47736b997065
.exe windows:4 windows x86 arch:x86

d0e7c7abe8497c25ee4efae88e8149b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
lstrcmpiA
FreeConsole
DeleteFileA
FreeConsole
ExitProcess
FreeConsole
GetCommandLineW
FreeConsole
GetModuleFileNameA
FreeConsole
GetOEMCP
FreeConsole
lstrcpynA
FreeConsole
lstrcmpA
GetLogicalDrives
GetLastError
HeapFree
GetFileSize
lstrcmpA
lstrcmpiA
WideCharToMultiByte
GetOEMCP
GetStringTypeA
GlobalFree
FreeLibrary
GetCommandLineA
lstrcpyA
GetStringTypeW
DeleteFileA
lstrcatA
GlobalAlloc
HeapAlloc
Sleep
ExitProcess

advapi32

RegEnumKeyW
RegQueryInfoKeyW
RegFlushKey
RegDeleteValueW
RegEnumValueW
RegQueryValueA
RegOpenKeyW
RegEnumKeyA
RegGetKeySecurity
RegReplaceKeyA
RegQueryValueW
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyA
RegLoadKeyW
RegLoadKeyA
RegQueryValueExA

user32

GetWindowTextLengthA
IsMenu
BlockInput
DialogBoxParamA
CopyImage
AlignRects
CopyIcon
CloseWindow
CopyRect
GetDlgItem
InsertMenuA
DrawTextA
IsWindow
GetWindowTextA
DrawTextW
DrawIcon

Sections

.taxt
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdaaa
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edaaa
Size: 12KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iadta
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0e7c7abe8497c25ee4efae88e8149b2

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.taxt Size: 15KB - Virtual size: 14KB

.rdaaa Size: 217KB - Virtual size: 217KB

.edaaa Size: 12KB - Virtual size: 59KB

.iadta Size: 7KB - Virtual size: 7KB

.taxt
Size: 15KB - Virtual size: 14KB

.rdaaa
Size: 217KB - Virtual size: 217KB

.edaaa
Size: 12KB - Virtual size: 59KB

.iadta
Size: 7KB - Virtual size: 7KB