6fdf0f7c533fa6e82b2323d648f4aa82

General

Target

6fdf0f7c533fa6e82b2323d648f4aa82
Size

68KB
MD5

6fdf0f7c533fa6e82b2323d648f4aa82
SHA1

e4e0ab3699cb228a1d1aaef05374f2a95217239c
SHA256

c642d5e02f99a6a124022718033b68778287de80c06feae06f4e7ebbdc8c3c7a
SHA512

103d7fd0cc7189d2545503aa7cde72d7588750e60dac83fcb564fff1fc8397e9cc56dcced377574826f6ce7e5890a5570dced753989c65b8c802a959815ad141
SSDEEP

1536:d5wAKNQScylC794RtY0i02J/RFwEklrkwX8:I5QSpq0Y3UlwwM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fdf0f7c533fa6e82b2323d648f4aa82

Files

6fdf0f7c533fa6e82b2323d648f4aa82
.exe windows:4 windows x86 arch:x86

3f565743a60f309d29832f175a81e1cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetWaitableTimer
SuspendThread
CloseHandle
FindFirstChangeNotificationW
GetProcAddress
GetCurrentProcessId
GetLogicalDrives
GetTickCount
GlobalLock
DeleteFileW
GlobalAddAtomW
GetModuleFileNameW
FindResourceExW
LoadLibraryA
WaitForSingleObject
LoadLibraryW
VirtualFree
TerminateThread
ResetEvent
FreeResource
CreateFileW
FindFirstFileW
WriteFile
FindNextChangeNotification
lstrlenW
FindClose

user32

GetMessageW
SetForegroundWindow
SetWindowTextW
CreatePopupMenu
GetClassNameW
RedrawWindow
LoadCursorW
TranslateMessage
SetCursor
GetParent
OffsetRect
PostThreadMessageW
IsWindow
MessageBoxW
SystemParametersInfoW
LoadIconW
GetWindowTextW
SetCursorPos
SendMessageW
VkKeyScanW
WindowFromPoint
SendDlgItemMessageW
DestroyMenu
IsDlgButtonChecked
ReleaseCapture

gdi32

CreateICW
CreateCompatibleDC
LineTo
SetBkMode
CreateRoundRectRgn
CreateBitmap
CreateSolidBrush
SetMapMode
BitBlt
GetObjectW

advapi32

RegCloseKey
StartServiceW
LookupPrivilegeValueW
RegOpenKeyExW
InitializeSecurityDescriptor

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f565743a60f309d29832f175a81e1cd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB