6fb78ce9fe1b87689c9af2770026933b

Sharing

Copy URL Twitter E-mail

General

Target

6fb78ce9fe1b87689c9af2770026933b
Size

980KB
MD5

6fb78ce9fe1b87689c9af2770026933b
SHA1

2c784c2ee1d2440073be34bed27da683399f09a5
SHA256

d8ea9d1fdc7524836400061750293ed016fcaef62e787c859c08380948e9f925
SHA512

c4c710915635d7e3cd81457f278034705a2c972614f33f0e8ad77e684cd16cff0e3d88f4411f03f0b8a366e665541d50ebbae1e052e61a9093a6ef77bd018288
SSDEEP

24576:0VlqXa4gnYcWqTgj5kd37OYg4WMzdg+6Y:0V54gnYc1/d3jg4zoY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb78ce9fe1b87689c9af2770026933b

Files

6fb78ce9fe1b87689c9af2770026933b
.exe windows:6 windows x64 arch:x64

c0cd060673a55812c3ef9da6d72d1b43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetPhysicallyInstalledSystemMemory
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleWindowInfo
FindNextFileA
InitializeCriticalSection
FindClose
GetCurrentDirectoryA
GetLastError
GetLargestConsoleWindowSize
QueryPerformanceFrequency
GetSystemInfo
HeapSetInformation
HeapAlloc
GetConsoleScreenBufferInfo
GetProcessHeap
GetConsoleWindow
QueryPerformanceCounter
CreateDirectoryW
GetLocalTime
ReadFile
CreateFileA
CloseHandle
SetFilePointerEx
VirtualFree
VirtualAlloc
GetDiskFreeSpaceA
GetCurrentThread
SetThreadIdealProcessor
HeapFree
FindFirstFileA
LeaveCriticalSection
DeleteCriticalSection
EnterCriticalSection
WriteConsoleW
SetEndOfFile
HeapSize
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
ReadConsoleW
GetFileAttributesExW
CreateProcessW
GetConsoleCursorInfo
GetFileType
DuplicateHandle
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
GetCurrentProcessId
GetVersion
GetTickCount
GetModuleHandleA
GetProcAddress
SetConsoleActiveScreenBuffer
GetConsoleMode
SetConsoleCtrlHandler
SetConsoleMode
CreateConsoleScreenBuffer
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
WriteConsoleOutputA
SetConsoleCursorPosition
WriteConsoleA
SetConsoleCursorInfo
WaitForSingleObjectEx
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
TryEnterCriticalSection
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
WaitForSingleObject
RtlUnwindEx
RtlPcToFileHeader
RaiseException
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitThread
WriteFile
GetCommandLineA
GetCommandLineW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetExitCodeProcess

user32

SetWindowLongW
GetMonitorInfoA
MonitorFromWindow
GetWindowRect
MapVirtualKeyA
GetKeyState
ShowScrollBar
GetWindowLongW
MoveWindow

ws2_32

WSAStartup
closesocket
WSAGetLastError
setsockopt
ioctlsocket
freeaddrinfo
inet_ntop
recv
connect
socket
send
getaddrinfo
listen
bind
accept
WSACleanup

urlmon

URLOpenBlockingStreamW

Sections

.text
Size: 545KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0cd060673a55812c3ef9da6d72d1b43

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

urlmon

Sections

.text Size: 545KB - Virtual size: 545KB

.rdata Size: 173KB - Virtual size: 172KB

.data Size: 16KB - Virtual size: 41KB

.pdata Size: 24KB - Virtual size: 24KB

.rsrc Size: 215KB - Virtual size: 214KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 545KB - Virtual size: 545KB

.rdata
Size: 173KB - Virtual size: 172KB

.data
Size: 16KB - Virtual size: 41KB

.pdata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 215KB - Virtual size: 214KB

.reloc
Size: 5KB - Virtual size: 4KB