6876f3f01026436a6fd10854fda3e9df

Sharing

Copy URL Twitter E-mail

General

Target

6876f3f01026436a6fd10854fda3e9df
Size

457KB
MD5

6876f3f01026436a6fd10854fda3e9df
SHA1

3e2dd24e8868b9af92882c2aea294751f602bc66
SHA256

f518ede68a4b267454a5da85a24a42b0eed7ddd4eef2b0bd021e896e62bc60ca
SHA512

ad2062c0e28efafb4bdbee4a676b34308cbe2769efdd029994ba639c93cb688cb76ed660140fd15d68ecfda860900f17a47b9347f96865f4b4fbed95edba7d38
SSDEEP

12288:bkJRWnMz9OLl9M1EB6qgSaeepaYYIhWC2MlOvYBFg9I:ESMzek1M6RSipaYXWT6bQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6876f3f01026436a6fd10854fda3e9df

Files

6876f3f01026436a6fd10854fda3e9df
.exe windows:4 windows x86 arch:x86

ab56f0e3bd48809d81503e7ef1aaf779

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharABCWidthsFloatA
GetTextMetricsA
CreateEllipticRgn
CreateEllipticRgnIndirect
IntersectClipRect
SetROP2
SetViewportExtEx
GetTextMetricsW
GetDeviceCaps
EnumFontFamiliesExW
GetCharWidth32A
PolyTextOutA
GetDCOrgEx
GetFontData
EnumICMProfilesA
EndPage
SetBrushOrgEx
GetKerningPairsW
EndDoc
GetLayout
CreateDiscardableBitmap
CombineRgn
GetStockObject
EnumFontsW
CreateRectRgnIndirect

advapi32

CryptDestroyHash
CryptEnumProviderTypesW
RegReplaceKeyW
CryptImportKey
RegEnumKeyExA
LookupAccountSidA
CryptCreateHash
RegQueryMultipleValuesA
LookupPrivilegeValueA
LookupPrivilegeNameW
RegDeleteKeyW
DuplicateTokenEx
RegEnumValueA
StartServiceW
RegCreateKeyA
CryptGetUserKey
RegQueryInfoKeyA
RegOpenKeyExW
CryptHashData
RegSetValueExW
RegSetKeySecurity
RegSaveKeyA

shell32

SHFileOperationA
SHEmptyRecycleBinW
CheckEscapesW
SHGetFileInfo
SheChangeDirA
DragQueryFileW
SHGetDesktopFolder
DoEnvironmentSubstA
DoEnvironmentSubstW
SHFileOperation
InternalExtractIconListW
ExtractAssociatedIconExA

comdlg32

GetSaveFileNameA
FindTextW
PrintDlgA
ChooseColorW
GetFileTitleA
ChooseFontA
FindTextA
PageSetupDlgA
LoadAlterBitmap
GetOpenFileNameA
PageSetupDlgW
ChooseFontW
PrintDlgW
ReplaceTextA

kernel32

GetEnvironmentStringsW
ExitProcess
HeapReAlloc
IsDebuggerPresent
TlsGetValue
QueryPerformanceCounter
EnterCriticalSection
InterlockedExchange
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
SetEnvironmentVariableA
CompareStringA
GetProcAddress
LeaveCriticalSection
GetCurrentThread
SetHandleCount
IsValidLocale
UnhandledExceptionFilter
GetTickCount
GetOEMCP
GetLocaleInfoA
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualQuery
HeapFree
DeleteCriticalSection
GetLocaleInfoW
VirtualAlloc
InterlockedDecrement
GetStringTypeA
GetUserDefaultLCID
VirtualFree
GetEnvironmentStrings
GetCPInfo
InitializeCriticalSection
OpenEventA
GetStringTypeW
GetLastError
TlsFree
GetVersionExA
GetModuleFileNameA
SetUnhandledExceptionFilter
GetProcessHeap
TlsAlloc
FreeEnvironmentStringsA
GlobalAddAtomA
GetDateFormatA
LCMapStringW
LCMapStringA
GetTimeFormatA
GetStartupInfoA
HeapAlloc
RtlUnwind
GetCurrentThreadId
HeapDestroy
GetTimeZoneInformation
IsValidCodePage
TlsSetValue
HeapCreate
InterlockedIncrement
EnumSystemLocalesA
GetStdHandle
CompareStringW
SetLastError
GetACP
GetFileType
GetCommandLineA
TerminateProcess
FreeEnvironmentStringsW
WriteFile
GetCurrentProcess
GetCurrentProcessId
WideCharToMultiByte
SetConsoleCtrlHandler
Sleep
HeapSize
FreeLibrary

wininet

InternetCreateUrlA
InternetConfirmZoneCrossingA
CommitUrlCacheEntryW
InternetTimeToSystemTimeA
FtpSetCurrentDirectoryA
DetectAutoProxyUrl
CommitUrlCacheEntryA
FtpPutFileW
InternetOpenUrlA
SetUrlCacheGroupAttributeW
InternetAutodial
UpdateUrlCacheContentPath
InternetCombineUrlA
FindFirstUrlCacheContainerW
InternetDialA
InternetSetDialStateA
FindNextUrlCacheContainerW

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab56f0e3bd48809d81503e7ef1aaf779

Headers

File Characteristics

Imports

gdi32

advapi32

shell32

comdlg32

kernel32

wininet

Sections

.text Size: 170KB - Virtual size: 170KB

.data Size: 278KB - Virtual size: 298KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 170KB - Virtual size: 170KB

.data
Size: 278KB - Virtual size: 298KB

.rsrc
Size: 8KB - Virtual size: 7KB