06d449e94bb3b3dfae87f2f34ac346ac

Sharing

Copy URL Twitter E-mail

General

Target

06d449e94bb3b3dfae87f2f34ac346ac
Size

535KB
MD5

06d449e94bb3b3dfae87f2f34ac346ac
SHA1

80afc7f8055427144803cce15a879d63f35af0f1
SHA256

8c2eb8d51fb479b7018961d913ebd91a6c48e0b994a764996d36fe8cd89a8868
SHA512

91fc9124d462848cb7e4d23b2b45b2f2e5a923e2265017e80f1c72790d501d1f845c8a585d63191fb846e87188f92d71068614224e863beba7abafa21ff433df
SSDEEP

12288:eMyxSebS4LlAZkoRFX81zzd7x8fekCErkaj5z+2M/LqX99lp2:ezSiS4L7AFOzliWqrtLNX1p2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06d449e94bb3b3dfae87f2f34ac346ac

Files

06d449e94bb3b3dfae87f2f34ac346ac
.exe windows:4 windows x86 arch:x86

956327c73abaf2a025ed2f20a1121431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuState
LoadCursorA
CharLowerBuffA
RegisterClassExA
GetScrollRange
ChangeDisplaySettingsExA
InsertMenuA
DdeAddData
DestroyCursor
CharLowerBuffW
GetProcessDefaultLayout
SetDoubleClickTime
DdeCreateStringHandleW
SetForegroundWindow
RegisterClassA
SetMenuItemInfoA
SetShellWindow
GetMenuInfo
GetClipboardData

shell32

SHQueryRecycleBinA
DragQueryFileW
SHFileOperation
ShellExecuteEx

comctl32

InitCommonControlsEx

kernel32

IsValidLocale
ExitProcess
GetCurrentDirectoryA
SetFilePointer
IsDebuggerPresent
LeaveCriticalSection
DeleteCriticalSection
GetLastError
MultiByteToWideChar
SetHandleCount
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
OpenMutexA
GetConsoleCP
GetTimeZoneInformation
GetLocaleInfoA
CompareStringW
InitializeCriticalSection
FlushFileBuffers
GetTickCount
FreeLibrary
HeapFree
TlsFree
HeapCreate
GetFileType
LoadLibraryA
CreateFileA
GetEnvironmentStringsW
GetModuleHandleA
GetCurrentThread
HeapReAlloc
GetConsoleOutputCP
GetLocaleInfoW
GetStdHandle
HeapDestroy
GetEnvironmentStrings
LCMapStringW
GetDateFormatA
GetUserDefaultLCID
FileTimeToDosDateTime
Sleep
EnterCriticalSection
GetCPInfo
GetProcAddress
WideCharToMultiByte
GetConsoleMode
GetTimeFormatA
GetProcessHeap
LCMapStringA
IsValidCodePage
CompareStringA
VirtualFree
InterlockedIncrement
SetStdHandle
HeapSize
QueryPerformanceCounter
TlsAlloc
FreeEnvironmentStringsW
GetCommandLineA
GetACP
TlsGetValue
GetSystemTimeAsFileTime
VirtualQuery
GetStringTypeA
GetOEMCP
WriteConsoleW
VirtualAlloc
GetModuleFileNameW
RtlUnwind
GetCommandLineW
CreateMutexA
InterlockedExchange
InterlockedDecrement
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetSystemTimeAdjustment
HeapAlloc
GetVersionExA
TlsSetValue
WriteConsoleA
ReadFile
GetStartupInfoA
GetStartupInfoW
TerminateProcess
GetStringTypeW
SetLastError
EnumSystemLocalesA
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThreadId
CloseHandle
UnhandledExceptionFilter
WriteFile
GetCurrentProcess

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

956327c73abaf2a025ed2f20a1121431

Headers

File Characteristics

Imports

user32

shell32

comctl32

kernel32

Sections

.text Size: 393KB - Virtual size: 393KB

.rdata Size: 22KB - Virtual size: 30KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 393KB - Virtual size: 393KB

.rdata
Size: 22KB - Virtual size: 30KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 10KB - Virtual size: 9KB