06766e3bc0c115fb268dbd72c8a9ead8

Sharing

Copy URL

Twitter E-mail

General

Target

06766e3bc0c115fb268dbd72c8a9ead8
Size

76KB
MD5

06766e3bc0c115fb268dbd72c8a9ead8
SHA1

b3f717344444836883036f9f7e4e7f1be62a1be5
SHA256

c6483db95be28b7b4688254b66d6853f6ebabaeaba192eab1b666d02baa16901
SHA512

67868ce5a9b8a5d6ab1cc612a6f5c34aff13959193562afb502f578465df78ed27017d92d57755c25244255e3a597862d784189fdee765169b2ddecd857ae224
SSDEEP

768:M6CC7Pk2EcmFelaoXgCZ/ySB1BcUHamFC2mtD/KZeeslMdUHKDGnDSfx7oLXCqq:rPPScjaoP/ySB1fab/esZHuhoGqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06766e3bc0c115fb268dbd72c8a9ead8

Files

06766e3bc0c115fb268dbd72c8a9ead8
.exe windows:4 windows x86 arch:x86

6845933dd4abd7bc99ccd419335c3b9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
VirtualAlloc
LoadLibraryA
Sleep
WriteFile
CreateFileA
CopyFileA
CloseHandle
OpenFile
GetModuleFileNameA
GetSystemDirectoryA
MoveFileA
RemoveDirectoryA
CreateDirectoryA
SearchPathA
SetCurrentDirectoryA
DeleteFileA
FindFirstFileA
WaitForSingleObject
CreateThread
ReadFile
GetFileSize
GetDriveTypeA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalMemoryStatus
GetComputerNameA
VirtualProtectEx
GetVersionExA
SetFilePointer
FindClose
GetLastError
FindNextFileA
OpenProcess
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
FileTimeToSystemTime
GetCurrentDirectoryA
GetLogicalDriveStringsA
PeekNamedPipe
CreatePipe
SetFileTime
GetFileTime
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
LocalFree
GetModuleHandleA
GetProcAddress
WriteProcessMemory
SetThreadContext
ResumeThread
TerminateProcess
VirtualQueryEx
CreateProcessA
GetThreadContext
ReadProcessMemory
GetSystemInfo
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapFree
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
RaiseException

user32

IsCharAlphaNumericA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetUserNameA
RegCreateKeyA
RegSetValueExA

ws2_32

htons
send
select
recv
closesocket
WSACleanup
WSASocketA
inet_addr
inet_ntoa
gethostbyname
WSAStartup
gethostname
socket
connect

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

oleaut32

GetErrorInfo

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6845933dd4abd7bc99ccd419335c3b9d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

oleaut32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB