6fcb4b2629071ba803f80f913b95d151 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fcb4b2629071ba803f80f913b95d151
Size

10KB
MD5

6fcb4b2629071ba803f80f913b95d151
SHA1

9d2a9a82e213ba7c028acdb50e1a402370ca215b
SHA256

a24529378e421ca68a20b5fbbacf409b5e90bdf4aefc6c9a27a47bd022169aa4
SHA512

9f0e6cba5e0d502cc9a738b975fc7bae5193219760e440dfaf18ccd087f303aa95c40abee5379a226e84e4399068ba4c4420e2a63b00375b9c4fa16d2372ef8f
SSDEEP

192:xQrz7RIRcccm5c8c//eEmyblF20FELIAsAqOvLt+9TDG:irfRIRccha8Cm820unsEvLg9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fcb4b2629071ba803f80f913b95d151

Files

6fcb4b2629071ba803f80f913b95d151
.dll windows:4 windows x86 arch:x86

44f33b547a4fefa32f5e8f31e7ba78b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
Sleep
ExitThread
GetTickCount
CreateThread
GetSystemDirectoryA
lstrcatA
FindFirstFileA
CreateFileA
WriteFile
FindClose
ReadFile
CloseHandle
GetComputerNameA
GetVersion
lstrcpyA
LocalAlloc
GetTempPathA
CopyFileA
WinExec
LocalFree
DeleteFileA
GetLocalTime
lstrcpynA
lstrcmpiA
lstrlenA
GlobalAlloc
GlobalFree
RtlZeroMemory
GetProcessHeap
CreateMutexA
WaitForSingleObject
ReleaseMutex
DisableThreadLibraryCalls

user32

wsprintfA

ws2_32

socket
connect
inet_addr
gethostbyname
bind
send
recv
closesocket
htonl
listen
accept
select
shutdown
getsockname
gethostname
__WSAFDIsSet
setsockopt
WSAStartup
WSACleanup

urlmon

URLDownloadToFileA

advapi32

GetUserNameA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA

wininet

InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ