6fd6534769458be0ea3a2af2e0772149

Sharing

Copy URL Twitter E-mail

General

Target

6fd6534769458be0ea3a2af2e0772149
Size

329KB
MD5

6fd6534769458be0ea3a2af2e0772149
SHA1

2277a194b7f04972e0c49516e83b2ab2f83008c0
SHA256

7153d48c37e4fe1bd9d03b55d890ece34bbc735de60fdd434e7479fa8de4ae76
SHA512

b67d56fc42e6d1a280dc299ebdb2d700b5d924a877e6b0c87bbfa6eb6d8548b32a5c1884ac46fa56f68768dfc9c8e763ea944e33a41c9cf19d34d316d9b3b54d
SSDEEP

6144:cVtI5Bq9u1g2YZ3jmNSU2EPuRU3pttIW8kYnB9ZdmEp4/hPi8frN3RnNIZpfbyeT:cbI54U1xFv2E2+ZFzYBfjpwhdfrN3Rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fd6534769458be0ea3a2af2e0772149

Files

6fd6534769458be0ea3a2af2e0772149
.exe windows:4 windows x86 arch:x86

39e01944bf676ac79332338eb3ad9920

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
SetFilePointer
CreateFileW
Sleep
GlobalAlloc
GetComputerNameExW
WriteFile
SizeofResource
GetModuleFileNameW
LockResource
GetCPInfo
LCMapStringA
GetProcAddress
LeaveCriticalSection
GetVersionExW
GetCurrentProcessId
MulDiv
MapViewOfFile
LCMapStringW
HeapAlloc
GetThreadIOPendingFlag
InterlockedIncrement
DeleteCriticalSection
CreateFileMappingW
FlushInstructionCache
GetConsoleMode
GetStringTypeA
LoadResource
SetStdHandle
UnhandledExceptionFilter
GlobalFree
GetLocaleInfoW
InterlockedDecrement
GetLastError
GetModuleHandleW
LoadLibraryExW
ExitProcess
LoadLibraryExA
FormatMessageW
GetSystemDefaultUILanguage
WriteConsoleW
MultiByteToWideChar
EnumUILanguagesW
CreateFileA
GetLocaleInfoA
GlobalLock
FlushFileBuffers
SetLastError
FindResourceW
GetCurrentThreadId
UnmapViewOfFile
GetOEMCP
RaiseException
FindResourceExW
GetConsoleCP
InitializeCriticalSection
OutputDebugStringA
GetSystemTimeAsFileTime
GetConsoleOutputCP
WriteConsoleA
GetUserDefaultUILanguage
lstrlenW
TerminateProcess
SearchPathW
SetUnhandledExceptionFilter
GetCurrentProcess
FreeLibrary
GetACP
LoadLibraryW
WideCharToMultiByte
LocalFree
lstrcmpW
GlobalUnlock
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetStringTypeW
lstrcmpiW
GetTickCount

msimg32

TransparentBlt

user32

MoveWindow
SendMessageW
KillTimer
GetParent
TranslateAcceleratorW
CallWindowProcW
SetTimer
GetMessagePos
DestroyWindow
LoadImageW
GetDlgItem
CreateWindowExW
InvalidateRect
SetWindowLongW
DialogBoxParamW
PostMessageW
CharNextW
GetWindowLongW
GetActiveWindow
SetFocus
GetClientRect
EnumWindowStationsA
DefWindowProcW
ScreenToClient
SetDlgItemTextW
CheckMenuItem

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39e01944bf676ac79332338eb3ad9920

Headers

File Characteristics

Imports

kernel32

msimg32

user32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 128KB - Virtual size: 128KB

.edata Size: 5KB - Virtual size: 76KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 128KB - Virtual size: 128KB

.edata
Size: 5KB - Virtual size: 76KB