6fc9b9d5df4e81d56b85e2bc344c381b13fe0ca311c8ef1f6dd738116a1965dc

Sharing

Copy URL

Twitter E-mail

General

Target

6fc9b9d5df4e81d56b85e2bc344c381b13fe0ca311c8ef1f6dd738116a1965dc
Size

5.5MB
MD5

82c3191d75e99f0ee987345d3e297fa9
SHA1

a5d6132678b39da23aacb897bf72cc289f6ba44b
SHA256

6fc9b9d5df4e81d56b85e2bc344c381b13fe0ca311c8ef1f6dd738116a1965dc
SHA512

156cbcc49313dbd37d910914de6d8eb622d92981ec560880f62abff09473b65646f8c68ff19fbdf261f378dcf0f2bef8d137acbc10d1558508c2b419ed45902f
SSDEEP

98304:IlcCU8C5Blsr8Qb1BPIDz5XT7JWrd4g8P8T649Sj0nqDo8eckicPjHK+m:IhUYrtqDzJm8kTP9Sj0nqDP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc9b9d5df4e81d56b85e2bc344c381b13fe0ca311c8ef1f6dd738116a1965dc

Files

6fc9b9d5df4e81d56b85e2bc344c381b13fe0ca311c8ef1f6dd738116a1965dc
.exe windows:4 windows x86 arch:x86

f57018a24fc55ceae85b3844f1c6e8aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoA
CloseHandle
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnumCalendarInfoA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetComputerNameA
GetCPInfo
GetDateFormatA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDriveTypeA
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetStdHandle
GetStringTypeExA
GetSystemDirectoryA
GetSystemInfo
GetTempPathA
GetThreadLocale
GetUserDefaultLCID
LeaveCriticalSection
GetVersionExA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenMutexA
OpenProcess
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetLastError
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
TerminateProcess
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringA
lstrcpyW
GetSystemDefaultLCID
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLocalTime
GetCommandLineW
GetTimeZoneInformation
GetConsoleMode
GetVersion

user32

DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
DrawFocusRect
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetKeyNameTextA
GetKeyState
GetLastActivePopup
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBeep
DrawIconEx
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
WinHelpA
VkKeyScanW
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
MessageBoxA
DrawFrameControl
ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharNextA
CharToOemA
CharUpperBuffA
CheckMenuItem
EndPaint

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
ControlService
DeleteService
RegSetValueExA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
OpenServiceA
OpenSCManagerA
GetUserNameA

shell32

CommandLineToArgvW

ole32

OleInitialize
OleDraw
IsAccelerator
CreateStreamOnHGlobal
OleSetMenuDescriptor
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoGetClassObject
CoCreateInstance
StringFromCLSID
ProgIDFromCLSID
CoUninitialize
OleUninitialize

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_exit
__p__commode
__p__fmode
__set_app_type
_controlfp
_adjust_fdiv
_except_handler3

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ctls0
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jetb
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f57018a24fc55ceae85b3844f1c6e8aa

Headers

File Characteristics

Imports

mpr

version

kernel32

user32

advapi32

shell32

ole32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 4.0MB

.ctls0 Size: 8KB - Virtual size: 4KB

.rsrc Size: 604KB - Virtual size: 603KB

.jetb Size: 2.5MB - Virtual size: 2.5MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 4.0MB

.ctls0
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 604KB - Virtual size: 603KB

.jetb
Size: 2.5MB - Virtual size: 2.5MB