f6d9671c64eb09727862fb4692310956

Sharing

Copy URL Twitter E-mail

General

Target

f6d9671c64eb09727862fb4692310956
Size

608KB
MD5

f6d9671c64eb09727862fb4692310956
SHA1

8bf5e1c5688d8b63f27fe2fa89b6e534f0dbbc72
SHA256

f025bb302444c9a7b177715dec87773ca4c800c9d0941586431de1aea59c87b8
SHA512

50515c9a66e063e6c9c9482b4c8adb6956af9dc22e1de9197fec9ac18b88cb15982d58d9575c69418f8c8750a96338351c44a1edf61edd30d139e8bd1376c5cc
SSDEEP

12288:P8fnyDcwao2E8Ob1W9tKvguSbjijC/RbtiCwt97PzrvB+5:mnymoOOZqIYHb3/GJNZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6d9671c64eb09727862fb4692310956

Files

f6d9671c64eb09727862fb4692310956
.exe windows:4 windows x86 arch:x86

3fe72f812be12e171222b095b932e63d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
EnumSystemLocalesA
InterlockedDecrement
DebugBreak
RtlUnwind
GetStartupInfoA
CreateFileA
GetCurrentProcess
GetLocaleInfoW
VirtualAlloc
IsDebuggerPresent
HeapValidate
HeapReAlloc
GetEnvironmentStringsW
CreateEventW
GetEnvironmentStrings
GetACP
TlsSetValue
GetModuleFileNameA
GetCommandLineA
WriteConsoleA
TlsGetValue
GetConsoleOutputCP
GetOEMCP
Sleep
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameW
FreeLibrary
GetUserDefaultLCID
QueryPerformanceCounter
RaiseException
LCMapStringW
UnhandledExceptionFilter
LCMapStringA
OutputDebugStringA
FreeEnvironmentStringsW
HeapAlloc
GetLastError
HeapFree
FillConsoleOutputCharacterW
SetStdHandle
GetCurrentProcessId
CompareStringW
GetStdHandle
SetUnhandledExceptionFilter
LoadLibraryW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetCurrentThread
GetStringTypeA
GetCPInfo
SetFilePointer
WriteFile
SetConsoleTitleW
DeleteCriticalSection
SetLastError
SetHandleCount
SetEnvironmentVariableA
CompareStringA
GetPrivateProfileSectionNamesW
lstrlenA
TlsFree
GetLocalTime
FlushFileBuffers
GetTimeFormatA
GetProcAddress
GetDateFormatA
GetFileType
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedExchange
VirtualFree
SetConsoleCtrlHandler
GetLocaleInfoA
VirtualQuery
OutputDebugStringW
MultiByteToWideChar
GlobalFix
InterlockedIncrement
GetCurrentThreadId
HeapDestroy
GetShortPathNameA
TerminateProcess
GetConsoleMode
HeapSize
CreateMailslotA
WideCharToMultiByte
IsValidCodePage
GetModuleHandleW
GetStringTypeW
TlsAlloc
ExitProcess
IsBadReadPtr
WriteConsoleW
HeapCreate
GetModuleHandleA
GetProcessHeap
CloseHandle
LeaveCriticalSection
IsValidLocale

user32

IsCharAlphaNumericW
ShowCursor
ChangeDisplaySettingsW
UnhookWinEvent
EndMenu
BringWindowToTop
IsCharAlphaW
OemToCharA
TrackPopupMenuEx
DdeQueryNextServer
ChangeClipboardChain
GetParent
TranslateMessage
CharToOemW
SetRect
IsMenu

gdi32

DeleteObject
CreateBitmapIndirect
SetMapperFlags
GetBitmapDimensionEx
SetDeviceGammaRamp
GetTextExtentExPointW
GetICMProfileW
StretchBlt
CreateDIBPatternBrush
GetTextExtentPointA
RemoveFontResourceW
SetPolyFillMode
ColorMatchToTarget
PolyTextOutW
GetWinMetaFileBits
FloodFill
EnumICMProfilesW
SelectObject
CreateFontA

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 349KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fe72f812be12e171222b095b932e63d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 249KB - Virtual size: 249KB

.data Size: 349KB - Virtual size: 371KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 249KB - Virtual size: 249KB

.data
Size: 349KB - Virtual size: 371KB

.rsrc
Size: 9KB - Virtual size: 8KB