6c5eea2d93dc13108a6020ae7f0bf6f432d0c99ddae8edbc4ed56557c497bf91[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6c5eea2d93dc13108a6020ae7f0bf6f432d0c99ddae8edbc4ed56557c497bf91.exe
Size

227KB
MD5

01c1f9a5f7239deb1b2d677d2a3ffe3a
SHA1

84d309197ee936daeca6c345be6d61090b2a6524
SHA256

6c5eea2d93dc13108a6020ae7f0bf6f432d0c99ddae8edbc4ed56557c497bf91
SHA512

37e3926e6ad0134f54a14079145636375a546b82c972dff2b7838a0f1266f27520224098002212dd7f9ac40aded3e648250d3386811b1854943a3d7dc1fb9ce2
SSDEEP

3072:oah/GOMLJLAHYEoW90C3sHOuOp9pctKXtOvJ4yac+mVHdOJW3fb5H+hi9:oaGHLNAnoUsHOZ9pctKEBl+m1gW5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c5eea2d93dc13108a6020ae7f0bf6f432d0c99ddae8edbc4ed56557c497bf91.exe

Files

6c5eea2d93dc13108a6020ae7f0bf6f432d0c99ddae8edbc4ed56557c497bf91.exe
.exe windows:5 windows x86 arch:x86

61d268ee3426305d6d7ceb3569462cf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
QueryDosDeviceA
InterlockedCompareExchange
SetComputerNameW
GetComputerNameW
CreateHardLinkA
GetTickCount
VirtualFree
GlobalFindAtomA
LoadLibraryW
SetCommConfig
GetLocaleInfoW
SetConsoleMode
WriteConsoleW
SetComputerNameExW
SetThreadPriority
GetStartupInfoW
WriteConsoleOutputCharacterA
SetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
LocalAlloc
TransmitCommChar
AddAtomW
FindFirstVolumeMountPointA
lstrcmpiW
GetModuleHandleA
FindFirstChangeNotificationA
IsDebuggerPresent
GetCurrentProcessId
ResetWriteWatch
DeleteFileA
GetConsoleAliasesLengthW
GetLastError
SetThreadContext
GetModuleHandleW
Sleep
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
GetLocaleInfoA
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

gdi32

GetCharABCWidthsFloatA
DeleteMetaFile

shell32

ShellAboutW

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61d268ee3426305d6d7ceb3569462cf1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

shell32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 4.1MB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 4.1MB

.rsrc
Size: 56KB - Virtual size: 56KB