Static task
static1
Behavioral task
behavioral1
Sample
06848ad7c6f3ed5cc770f5233378e9d5.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
06848ad7c6f3ed5cc770f5233378e9d5.exe
Resource
win10v2004-20231215-en
General
Target
06848ad7c6f3ed5cc770f5233378e9d5
Size
195KB
MD5
06848ad7c6f3ed5cc770f5233378e9d5
SHA1
219793c5010484cd67245518e7b16c2a5ac344b1
SHA256
d48254e41bc71838e44cfc47eec140f8b1f2566eb9ce9b50ee428f12cecd785b
SHA512
106bc12aae7640e22f72c97b9e2af70065f53153e06a98bdbec57efc407cacb20729c3468a8ffb67a616356cd405ccb21d46fc3e157caf74ababc6ea35eecfa6
SSDEEP
6144:eRjF8+GY0MQXykLSdtVv4gfkjmZI5MYgaBrIDxbffQmGo/vQjAMDSH:eRRTGysH84gfkOI5pRrIDx280
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06848ad7c6f3ed5cc770f5233378e9d5
Files
06848ad7c6f3ed5cc770f5233378e9d5.exe windows:4 windows x86 arch:x86
035c38da8cfe2b3219416bdd07d3bb65
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetPixelFormat
CreateFontW
CreateRoundRectRgn
SelectClipRgn
CreateEnhMetaFileA
TranslateCharsetInfo
RemoveFontResourceA
CreateRectRgn
Pie
SetWindowExtEx
CreateSolidBrush
CreateICW
SetMetaFileBitsEx
ws2_32
bind
WSAGetServiceClassNameByClassIdW
WSAConnect
WSAGetServiceClassInfoA
WSAInstallServiceClassA
gethostbyaddr
WSASocketW
WSAHtons
WSAProviderConfigChange
comdlg32
ChooseColorW
PageSetupDlgA
user32
SetCaretBlinkTime
GetDlgItemInt
CharPrevA
GetMenuState
GetShellWindow
GetClipCursor
MapWindowPoints
SetDlgItemTextA
RemovePropA
SendMessageTimeoutW
GetWindowLongA
GetSystemMenu
CallWindowProcW
GetMenuItemRect
GetMessageA
GetDCEx
CharNextExA
IsWindowEnabled
DestroyAcceleratorTable
SetWindowContextHelpId
shell32
ExtractIconA
advapi32
InitiateSystemShutdownW
CryptVerifySignatureA
RevertToSelf
RegRestoreKeyA
SetNamedSecurityInfoW
CreatePrivateObjectSecurity
GetTokenInformation
OpenSCManagerW
RegQueryValueExW
RegSetValueExA
RegQueryInfoKeyA
CryptEncrypt
CryptVerifySignatureW
RegEnumKeyW
RegDeleteValueA
GetServiceKeyNameW
CreateServiceA
oleaut32
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayRedim
VariantChangeType
VariantCopy
kernel32
GetLocaleInfoW
_llseek
SetConsoleOutputCP
DebugBreak
GetHandleInformation
GetVolumeInformationW
PeekNamedPipe
SetProcessShutdownParameters
GetCommandLineA
lstrlenA
VirtualAlloc
ExitProcess
SetTimeZoneInformation
SetMailslotInfo
GetBinaryTypeW
SetHandleCount
CreatePipe
GetPrivateProfileStringA
FindFirstFileW
LocalSize
ConnectNamedPipe
lstrcatW
EnumCalendarInfoW
GetCurrentProcess
GetDateFormatA
UnhandledExceptionFilter
GetSystemDefaultLangID
SetEnvironmentVariableW
LoadLibraryExA
comctl32
ImageList_AddMasked
msvcrt
_getpid
localtime
_fileno
fflush
strncmp
_strnicmp
_c_exit
_wtoi
_wsplitpath
_mbsnextc
_strupr
_wtol
_dup
asctime
_finite
iswcntrl
remove
_spawnv
malloc
wcsspn
strcspn
wcscmp
isdigit
_unlink
_mbsdec
localeconv
_kbhit
_mbscmp
_sys_errlist
_wgetcwd
_tell
iswdigit
strtok
clock
_beginthreadex
clearerr
_getdrive
difftime
_mbstrlen
_isctype
atoi
memchr
towupper
strftime
realloc
_wcsupr
_endthread
Sections
.text Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ