0206f9effde21d036c66093ff5d453b6

Sharing

Copy URL Twitter E-mail

General

Target

0206f9effde21d036c66093ff5d453b6
Size

88KB
MD5

0206f9effde21d036c66093ff5d453b6
SHA1

58702e53b64adc3db26b66ca0746669d67980dd6
SHA256

fafab460ae0c84711dee2b1ecabbef5e7adefeaf17df9945d334f24f6b0dea0c
SHA512

30e6f485be4e5b0383e3d5925f23982f46593810bfbe3e14b32a0eb581d7ad4bb7f3d89f187fca8e6f9bd9a860d01fe6cc8751b7c6386685f59f205ea77590d4
SSDEEP

1536:+chTI17unDI1C7YqgAE3sePiWkV+oUYYbJjl2+/s:1TI17qDI1C7nEwrzUYYbJjl3/s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0206f9effde21d036c66093ff5d453b6

Files

0206f9effde21d036c66093ff5d453b6
.exe windows:4 windows x86 arch:x86

6479ad2ec1dd63ae53234977b3c87e77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetCommandLineA
GetSystemTime
GetVersionExA
GetFileAttributesA
GetCurrentProcess
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
GetLongPathNameA
GetWindowsDirectoryA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemDirectoryA
TerminateProcess
GetLastError
Sleep
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
ReadFile
CreateFileA
SetFilePointer
DeleteFileA
WriteFile
CloseHandle
SetEvent
CreateEventA
WaitForSingleObject
MoveFileExA
CopyFileA
lstrlenA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetProcAddress
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetTimeZoneInformation
GetLocalTime
RaiseException
SetEnvironmentVariableA

advapi32

RegSetValueExA
CreateServiceA
ChangeServiceConfig2A
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
OpenSCManagerA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6479ad2ec1dd63ae53234977b3c87e77

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

version

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 776B

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 776B