06eee1148be74871780af6f012708401

Sharing

Copy URL Twitter E-mail

General

Target

06eee1148be74871780af6f012708401
Size

449KB
MD5

06eee1148be74871780af6f012708401
SHA1

f72089e62e8f646b36398c4a81230f4e33fa05fd
SHA256

488617466a03c1d85431466cbabed486e258c9c2db81e14766f9270c52193744
SHA512

3473a02eb37eba7dec4a4fa65f94b2064da5c9f1065b6c225f559b4b041417f2d81de479649ed23acfea81ab367178cbef316cc79b38096c8c9bed4295b5a046
SSDEEP

12288:7rj2zG9DePJvmp3JvKXECWshmq35TpsAuKCh:Kq9DKRmp5yXRWsjp9sAuKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06eee1148be74871780af6f012708401

Files

06eee1148be74871780af6f012708401
.exe windows:4 windows x86 arch:x86

f3a282b0a7d71eb041854fc21bbe5f06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
VirtualAlloc
GetModuleFileNameW
SetLastError
MultiByteToWideChar
GetCommandLineW
HeapFree
WideCharToMultiByte
GetTimeFormatA
CompareStringA
GetFileType
GetLocaleInfoW
FindNextChangeNotification
HeapCreate
CreateDirectoryExW
GetSystemTimeAsFileTime
IsValidLocale
SetConsoleScreenBufferSize
RtlUnwind
GetModuleHandleA
HeapReAlloc
HeapAlloc
SetEnvironmentVariableA
UnhandledExceptionFilter
SetConsoleCtrlHandler
WriteFile
InterlockedDecrement
GetDateFormatA
CompareStringW
GetModuleHandleW
GetStringTypeA
FreeLibrary
TlsGetValue
ReadConsoleA
HeapSize
DeleteCriticalSection
GetStdHandle
GetProcAddress
InterlockedExchange
GetLastError
LoadLibraryA
GetModuleFileNameA
GetLocaleInfoA
FreeLibraryAndExitThread
TlsFree
ReadConsoleOutputA
LCMapStringW
SetHandleCount
GetCurrentProcess
VirtualQuery
SetConsoleActiveScreenBuffer
DebugBreak
GetPrivateProfileSectionW
GetOEMCP
GetCPInfo
GetTempPathW
GetStartupInfoA
GetCurrentProcessId
FileTimeToSystemTime
WriteProfileStringW
QueryPerformanceCounter
GetStringTypeW
GetStartupInfoW
EnumSystemLocalesA
GetTickCount
GetCurrentThreadId
GetEnvironmentStringsW
HeapDestroy
LoadLibraryW
SetUnhandledExceptionFilter
TlsSetValue
GetUserDefaultLCID
GetCurrentThread
Sleep
GetACP
AddAtomA
FreeEnvironmentStringsW
ExitProcess
IsValidCodePage
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesW
GetNumberFormatA
TerminateProcess
LCMapStringA
VirtualFree
AllocConsole
EnterCriticalSection
GetTimeZoneInformation
InterlockedIncrement
GetSystemDirectoryA
TlsAlloc
OpenSemaphoreW

advapi32

DuplicateTokenEx
RegReplaceKeyW
RegConnectRegistryW

gdi32

CreateDiscardableBitmap
CreateMetaFileW
PlayEnhMetaFileRecord
PlayEnhMetaFile
EnumMetaFile
SelectPalette
DeviceCapabilitiesExA
GetTextExtentPointW
CopyMetaFileA
SetMagicColors
CreateCompatibleBitmap

shell32

ExtractIconExA

comdlg32

ChooseColorA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3a282b0a7d71eb041854fc21bbe5f06

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

shell32

comdlg32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 9KB - Virtual size: 13KB

.data Size: 285KB - Virtual size: 284KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 9KB - Virtual size: 13KB

.data
Size: 285KB - Virtual size: 284KB

.rsrc
Size: 17KB - Virtual size: 17KB