6bbf0c18f81357e637b708ff0c1103fd25203f2ab9189663f75ce2d686308626

Sharing

Copy URL Twitter E-mail

General

Target

6bbf0c18f81357e637b708ff0c1103fd25203f2ab9189663f75ce2d686308626
Size

616KB
MD5

c3fc9e12ff6f23e97ea16431fee1ef53
SHA1

ff40b68e934f0fe76775ce32737e55e62c2a59e4
SHA256

6bbf0c18f81357e637b708ff0c1103fd25203f2ab9189663f75ce2d686308626
SHA512

ef66a220e51758336b8e8445d859a0f9080ccac18d0e1c14f38d2d096d2bfe19d452bbe9a7e316cf539b4e2cca60e853c5aa91ed479f9490681ec387c696b0fb
SSDEEP

6144:b7LUu712Bqz0oUBRFVn2blYv7poMQOPu9/3KeRWjTjAk9zHKuD48t:b7LUu7kfBlSlapvQOm9/3KW0Tjqt8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bbf0c18f81357e637b708ff0c1103fd25203f2ab9189663f75ce2d686308626

Files

6bbf0c18f81357e637b708ff0c1103fd25203f2ab9189663f75ce2d686308626
.exe windows:4 windows x86 arch:x86

a23e5e433d6b6255a4fbcf3bda2a4b2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
HeapFree
FreeLibrary
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
GetOEMCP
GetACP
SetFilePointer
IsBadCodePtr
SetConsoleCtrlHandler
GetStringTypeW
LoadLibraryA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapCreate
HeapDestroy
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
GetTickCount
GetModuleFileNameA
lstrcatA
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetStringTypeA
Sleep
SetEnvironmentVariableA
GetVersionExA
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
IsBadWritePtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetCPInfo
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
HeapReAlloc
GetLastError
GetEnvironmentVariableA

user32

EndDialog
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
GetClientRect
SetWindowPos
ReleaseDC
GetDC
LoadImageA
LoadStringA

gdi32

TextOutA
GetStockObject
Rectangle
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetObjectA
DeleteObject
SetBkMode

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a23e5e433d6b6255a4fbcf3bda2a4b2c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

Sections

.text Size: 476KB - Virtual size: 473KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 24KB - Virtual size: 30KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 476KB - Virtual size: 473KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 24KB - Virtual size: 30KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 16KB - Virtual size: 15KB