06d6d9832b39b7f2d45697d13cc16826

Sharing

Copy URL

Twitter E-mail

General

Target

06d6d9832b39b7f2d45697d13cc16826
Size

424KB
MD5

06d6d9832b39b7f2d45697d13cc16826
SHA1

ce3ff30ae712265cce6b20c39711de1fb51adbf5
SHA256

4f8584a88efd1caeaf6660d70c577f1b7b1411581207b2820684dbabed9a7052
SHA512

8f4bd4f491bce8f8972879ec76595c9b7cd840e224fc5ac89b2111f18150cd54432ac5a7fa995ae210c66bca291ecdf892d30aa28f88dad42e4683595529a831
SSDEEP

6144:lRWPdP/u9zflQeYtAwGGzawN2zkzfGTn8gSmuW+Av9CtWaJbiiUIZoV:qof2WwbzawN7zfGTDHH+c9CXkDI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06d6d9832b39b7f2d45697d13cc16826

Files

06d6d9832b39b7f2d45697d13cc16826
.exe windows:4 windows x86 arch:x86

4252560c27820bef1e1c7c4d1e20789d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

kernel32

Sleep
RegisterConsoleOS2
CancelWaitableTimer
IsBadHugeReadPtr
UpdateResourceA
lstrlen
LocalAlloc
GetLastError
VirtualAlloc

dsound

DirectSoundFullDuplexCreate
GetDeviceID
DllGetClassObject
DirectSoundCaptureCreate8
DirectSoundCaptureCreate
DirectSoundCreate8
DirectSoundEnumerateA
DirectSoundEnumerateW
DirectSoundCreate
DllCanUnloadNow
DirectSoundCaptureEnumerateW
DirectSoundCaptureEnumerateA

d3d9

D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_EndEvent
DebugSetMute
D3DPERF_BeginEvent
Direct3DCreate9
D3DPERF_SetRegion
D3DPERF_SetOptions
D3DPERF_SetMarker
PSGPSampleTexture
PSGPError
DebugSetLevel
Direct3DShaderValidatorCreate9

cryptnet

LdapProvOpenStore
CryptInstallCancelRetrieval
DllUnregisterServer
CryptRetrieveObjectByUrlW
CryptUninstallCancelRetrieval
CryptFlushTimeValidObject
CertDllVerifyCTLUsage
CryptCancelAsyncRetrieval
CryptRetrieveObjectByUrlA
CertDllVerifyRevocation
I_CryptNetGetHostNameFromUrl
CryptGetObjectUrl
I_CryptNetEnumUrlCacheEntry
CryptGetTimeValidObject
I_CryptNetGetUserDsStoreUrl
DllRegisterServer

certcli

CAAccessCheck

serialui

drvGetDefaultCommConfigW
drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvCommConfigDialogA
drvGetDefaultCommConfigA
drvCommConfigDialogW

dbnmpntw

ConnectionError
ConnectionServerEnumW
ConnectionTransact
ConnectionVer
ConnectionOpen
ConnectionClose
ConnectionObjectSize
ConnectionWriteOOB
ConnectionStatus
ConnectionServerEnum
ConnectionErrorW
ConnectionCheckForData
ConnectionRead
ConnectionMode
ConnectionWrite
ConnectionOpenW

d3d8thk

OsThunkDdCreateSurface
OsThunkDdResetVisrgn
OsThunkDdAlphaBlt
OsThunkDdGetFlipStatus
OsThunkDdGetDriverInfo
OsThunkDdQueryDirectDrawObject
OsThunkDdGetScanLine
OsThunkDdGetMoCompFormats
OsThunkDdDeleteSurfaceObject
OsThunkDdGetMoCompGuids
OsThunkDdUnlock
OsThunkDdCanCreateSurface
OsThunkDdDestroyMoComp
OsThunkDdCreateDirectDrawObject
OsThunkDdDestroySurface
OsThunkDdGetDxHandle

msxbde40

DllRegisterServer
DllUnregisterServer

setupapi

SetupDuplicateDiskSpaceListW
CM_Query_Remove_SubTree_Ex
SetupGetLineCountW
SetupCloseFileQueue
SetupInitializeFileLogW
SetupGetBackupInformationW
CM_Query_Arbitrator_Free_Size_Ex
CM_Free_Range_List
SetupPromptForDiskW
CM_Get_Device_IDA
SetupDiDestroyDriverInfoList
SetupDefaultQueueCallbackW
SetupDiEnumDeviceInfo
SetupDiSetSelectedDriverW
SetupDiCreateDeviceInterfaceW
SetupGetTargetPathA
MyRealloc
SetupOpenLog
CM_Next_Range
SetupDiGetDeviceInstallParamsW
CM_Get_Class_NameW
SetupDiInstallDeviceInterfaces
CM_Get_First_Log_Conf
SetupGetLineTextW
SetupFreeSourceListW
SetupDiClassGuidsFromNameW
SetupAddToDiskSpaceListA
SetupInstallServicesFromInfSectionExW
CM_Delete_DevNode_Key_Ex
SetupQueueCopySectionW
SetupDiGetHwProfileListExW
SetupQueueDeleteA
CM_Open_DevNode_Key
CM_Get_Resource_Conflict_DetailsW
SetupDiSelectBestCompatDrv
SetupDiSetDeviceRegistryPropertyA
CM_Create_DevNodeW
CM_Query_Arbitrator_Free_Size
SetupCloseLog
SetupQuerySourceListW
SetupDiAskForOEMDisk
SetupRemoveFromSourceListA
SetupAddSectionToDiskSpaceListW
SetupDiSetDriverInstallParamsA
CM_Get_Child
SetupDiOpenClassRegKeyExA
CM_Unregister_Device_InterfaceW
SetupInstallFileW

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4252560c27820bef1e1c7c4d1e20789d

Headers

File Characteristics

Imports

mfc42

kernel32

dsound

d3d9

cryptnet

certcli

serialui

dbnmpntw

d3d8thk

msxbde40

setupapi

Sections

.text Size: 176KB - Virtual size: 176KB

.rsrc Size: 247KB - Virtual size: 247KB

.data Size: - Virtual size: 2.0MB

.text
Size: 176KB - Virtual size: 176KB

.rsrc
Size: 247KB - Virtual size: 247KB

.data
Size: - Virtual size: 2.0MB