5e6dbd4c38befb01dbe4be8c0c72edd6fcc337dc6f50615ad027d719aefb3554

Sharing

Copy URL Twitter E-mail

General

Target

5e6dbd4c38befb01dbe4be8c0c72edd6fcc337dc6f50615ad027d719aefb3554
Size

3.9MB
MD5

8afd1dd1ab670f272327fa9ab0f604ee
SHA1

2cd1f6464bb707488db6492e30fda84c0d0f7a0f
SHA256

5e6dbd4c38befb01dbe4be8c0c72edd6fcc337dc6f50615ad027d719aefb3554
SHA512

275b403f8a7ff0b907673bafb17498dc1479be6a8cb91577084af0c90a578360454c57deb3ea26338816fe10884df166236f7a09e4564dc2076ec25177785e34
SSDEEP

49152:4PBsWIVFkIDlPH5fuiRqemBH8xr+vWmpv:Peim6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e6dbd4c38befb01dbe4be8c0c72edd6fcc337dc6f50615ad027d719aefb3554

Files

5e6dbd4c38befb01dbe4be8c0c72edd6fcc337dc6f50615ad027d719aefb3554
.exe windows:6 windows x64 arch:x64

6db5418b3946a7c63efe4bd85e34c78a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

wvsprintfA
CallWindowProcW
GetTopWindow
SetCaretBlinkTime
GetMenuItemRect
SetMenuDefaultItem
GetWindowModuleFileNameW
SetWindowPos
FindWindowA
RedrawWindow
GetWindowTextA
EnableWindow
GetSystemMetrics
IsWindow
CheckRadioButton
UnregisterClassA
GetCursorInfo
GetClipboardOwner
GetMenuState
ShowWindowAsync
IsCharAlphaW
IntersectRect
GetFocus
GetClipboardViewer
DeferWindowPos
SetScrollInfo
FindWindowW
GetDlgItem
SendDlgItemMessageA
AppendMenuA
CreatePopupMenu
DestroyMenu
ClientToScreen
TrackPopupMenu
GetCursorPos
SendMessageA
GetDlgItemTextA
wsprintfA
MessageBoxA
LoadCursorA
GetActiveWindow
CheckDlgButton
SetWindowTextA
IsDlgButtonChecked
SetWindowLongA
CallWindowProcA
GetClassInfoA
CloseClipboard
GetClipboardData
EnumClipboardFormats
SetDlgItemTextA
EndDialog
RegisterClassA
DefDlgProcA
SetActiveWindow
SetMenuItemInfoA
CheckMenuItem
GetMenu
InsertMenuItemA
SetWindowPlacement
SetTimer
GetSystemMenu
MoveWindow
GetClientRect
PostQuitMessage
DestroyWindow
DestroyIcon
KillTimer
GetSysColor
CheckMenuRadioItem
EnableMenuItem
CharLowerBuffA
GetWindowPlacement
SetDlgItemInt
GetSubMenu
IsMenu
GetWindowRect
CreateDialogParamA
DestroyCursor
PostMessageA
ChildWindowFromPoint
InvalidateRect
RemoveMenu
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
OpenClipboard
CharUpperA
SetFocus
SetClipboardData
EmptyClipboard
LoadIconA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
DialogBoxParamA
GetSysColorBrush
SetCursor
GetWindowLongA

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
HeapAlloc
GetModuleHandleExW
TerminateProcess
ExitProcess
GetCurrentProcess
GetModuleFileNameW
WriteFile
GetStdHandle
RtlPcToFileHeader
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwindEx
FlsSetValue
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
GetEnvironmentStringsW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
FlsFree
LCMapStringW
SetFilePointerEx
HeapSize
HeapReAlloc
FlushFileBuffers
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetConsoleOutputCP
GetConsoleMode
AssignProcessToJobObject
GetPriorityClass
PrepareTape
DecodeSystemPointer
GetCommTimeouts
GetFileTime
DisableThreadLibraryCalls
ResetWriteWatch
EncodeSystemPointer
CloseHandle
AddAtomW
GetNativeSystemInfo
DeleteAtom
GetProcessHeap
GetSystemInfo
CreateMutexW
GetVersion
GetCommandLineW
GetLastError
CreateFileW
GetFileInformationByHandle
GetFileSize
WaitForSingleObject
SetFileValidData
SetEndOfFile
GetFileType
FlsAlloc
RtlCaptureContext
FlsGetValue
WriteConsoleW
GetModuleHandleW
ReleaseMutex

gdi32

SetBkMode
GetObjectA
SetTextColor
CreateFontIndirectA
GetStockObject
DeleteObject
SelectObject

comctl32

ImageList_Create
ImageList_Destroy
InitCommonControlsEx
CreateToolbarEx
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Remove

comdlg32

GetOpenFileNameA
GetSaveFileNameA

ole32

CoFileTimeNow
OleGetIconOfFile
CoMarshalInterface
CoFileTimeToDosDateTime
CoDisableCallCancellation
CoSuspendClassObjects
ProgIDFromCLSID
CLSIDFromProgID

advapi32

GetUserNameA
RegDeleteKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegSetValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 503KB - Virtual size: 637KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db5418b3946a7c63efe4bd85e34c78a

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

comdlg32

ole32

advapi32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 503KB - Virtual size: 637KB

.pdata Size: 5KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 490KB - Virtual size: 490KB

.reloc Size: 128KB - Virtual size: 127KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 503KB - Virtual size: 637KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 490KB - Virtual size: 490KB

.reloc
Size: 128KB - Virtual size: 127KB