6ff3441a8dab3953c7676ca150fbb720

Sharing

Copy URL

Twitter E-mail

General

Target

6ff3441a8dab3953c7676ca150fbb720
Size

404KB
MD5

6ff3441a8dab3953c7676ca150fbb720
SHA1

311232a3401f614050427de5dfeb4cd982e69ed6
SHA256

26c8bb3e18b90def0042206d9559b0850844d82ca54349ed7a1e2c6a852fd311
SHA512

beee2ff0d9e6b15d99c41c400c30e4e32302d635ee279f69c23f5c46735656f2c97f3b710651f624d5f7d379a9cedea772dcae802550ddb79542ca51aa14b8ac
SSDEEP

6144:L2mCXtRHkflbcUaPBtWCXdlnBGc0K4jn:LfCXtRHcbcUABMsGTHr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ff3441a8dab3953c7676ca150fbb720

Files

6ff3441a8dab3953c7676ca150fbb720
.exe windows:4 windows x86 arch:x86

45df98a9ca82b14949595d67d4439d73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
GetFileAttributesA
GetFileInformationByHandle
GetExitCodeProcess
ReleaseMutex
GetVolumeInformationA
HeapDestroy
GetEnvironmentVariableA
GetConsoleAliasExesLengthA
GetThreadPriorityBoost
GetCommandLineA
PeekConsoleInputA
GetProcessHandleCount
PrepareTape
LocalAlloc
GetCommProperties
GetConsoleCursorInfo
FindNextVolumeMountPointW
GetVersionExA
PulseEvent
GetCurrentDirectoryA
SetWaitableTimer
GetLocaleInfoA
GetProcessHeap
GetTempPathA
GlobalMemoryStatusEx
DisconnectNamedPipe
GlobalSize
GlobalWire
FindFirstChangeNotificationA
DuplicateConsoleHandle
CommConfigDialogA
GetWindowsDirectoryA
SetFilePointerEx
GlobalUnWire
ClearCommError
WriteConsoleInputA
QueryDosDeviceA
SizeofResource
GetCurrentThreadId
GetConsoleMode
GetProcessPriorityBoost
FlushViewOfFile
SetConsoleDisplayMode
ChangeTimerQueueTimer
GlobalGetAtomNameA
SetDefaultCommConfigA
SetConsoleCursor
GetThreadIOPendingFlag
GetProcessVersion
SetProcessWorkingSetSize
CloseHandle
BeginUpdateResourceA
GetConsoleTitleA
QueryPerformanceCounter
GetCurrentThread
HeapWalk
GetVersion
HeapSize
UnlockFile
_lcreat
Process32First
OpenFileMappingA
SetFileAttributesA
GetFileType
VerifyVersionInfoA
GetEnvironmentVariableA
SetHandleInformation
ReadConsoleOutputCharacterA
VirtualAlloc
GetDefaultCommConfigA
ReadConsoleOutputA
SetDllDirectoryA
GetMailslotInfo
VirtualFreeEx
SetSystemPowerState
GetTickCount
MapUserPhysicalPagesScatter
EnumSystemGeoID
SetFilePointer
DeleteFileA
CreateDirectoryA
_lclose
Sleep
ReadConsoleOutputCharacterA
GetFileInformationByHandle
GetFileAttributesA
SetConsoleInputExeNameA
GetTimeZoneInformation
ClearCommBreak
RemoveDirectoryA
FindNextVolumeMountPointW
GetCommandLineA
SleepEx
GetOverlappedResult
FindResourceExW
GetTapeParameters
LZSeek
CreatePipe
GetCommState
ReadConsoleInputA
GetFullPathNameA
IsBadStringPtrA
EndUpdateResourceA
GetModuleFileNameA
HeapFree
GetBinaryType
lstrcmpA
GetConsoleWindow
GetTempPathA
ReadConsoleInputA
LZCopy
GetCommTimeouts
LZSeek
GetSystemDirectoryA
RegisterWaitForInputIdle
DeleteTimerQueueTimer
GetConsoleMode
GetSystemWindowsDirectoryA
GetCPInfoExA
LZInit
WriteConsoleOutputCharacterW
GetProcessTimes
HeapQueryInformation
GetProcessIoCounters
ClearCommBreak
SetProcessPriorityBoost
SetComputerNameA
WriteConsoleOutputCharacterA
GetProcessShutdownParameters
FindFirstVolumeA
GetComputerNameA
GetProcessIoCounters
BeginUpdateResourceA
GetThreadSelectorEntry
GetComputerNameA
MoveFileWithProgressA
SetConsoleHardwareState
GetSystemWindowsDirectoryA
SetFileTime
MultiByteToWideChar
GetDiskFreeSpaceExA
Process32Next
EndUpdateResourceA
GetConsoleCommandHistoryLengthA
TransmitCommChar
GetFileTime
LZRead
GetSystemDefaultLCID
LoadLibraryExA
WinExec
GetTapeStatus
SetEvent
GetCurrentProcess
GetVersionExA
ExpandEnvironmentStringsA
GetFullPathNameA
BuildCommDCBAndTimeoutsA
FindNextVolumeMountPointA
GetProcessIoCounters
TerminateThread
GetModuleFileNameA
WaitForSingleObject
GetCommTimeouts
GetTickCount
IsSystemResumeAutomatic

user32

IsCharAlphaNumericW
EndMenu
SetWindowRgn
DefWindowProcA
EnumDesktopsA
IsWindow
GetProgmanWindow
CreateAcceleratorTableA
SetWindowRgn
CheckMenuRadioItem
DrawAnimatedRects
GetMenuStringA
LoadStringA
DisableProcessWindowsGhosting
TrackPopupMenu
LoadImageA
GetKeyboardLayout
GetScrollInfo
RegisterWindowMessageA
GetRawInputBuffer
MonitorFromPoint
GetSysColor
UnregisterClassA
DialogBoxIndirectParamA
DestroyWindow
GetWindowTextA
InvertRect
EnumDisplaySettingsExW
InvalidateRect
GetMonitorInfoA
MessageBoxIndirectA
DlgDirSelectComboBoxExA
SetPropA
GetPropA
MessageBoxIndirectA
GetMenuItemInfoA
GetScrollInfo
DestroyMenu
DrawFocusRect
IsCharUpperA
CreateMenu
OemToCharBuffW
RegisterRawInputDevices
CascadeChildWindows
LoadRemoteFonts
CreateWindowExA
DefFrameProcA
OpenIcon
GetComboBoxInfo
ChangeDisplaySettingsExW
PtInRect
MapVirtualKeyExW
GetTaskmanWindow
OpenIcon
GetRawInputData
SendMessageTimeoutA
ExcludeUpdateRgn
GetScrollPos
DestroyWindow
ScrollWindow
GetWindowTextLengthW
GetAsyncKeyState
CloseWindow
GetMenuItemCount
LoadAcceleratorsA
SwitchToThisWindow
IsServerSideWindow
InsertMenuA
DragObject
SetClassWord
SetScrollRange
GetMenuStringA
IsWindowEnabled
IsCharAlphaA
RegisterShellHookWindow
ReasonCodeNeedsBugID
LoadMenuA
CopyIcon
CallWindowProcA
RegisterClassA
GetClipboardFormatNameA
TranslateAcceleratorA
FrameRect
CharNextA
CountClipboardFormats

ws2_32

closesocket

Exports

Exports

InitDvoppvyodgl
CreateMvxdhpd
Xfraxrj
Pjumfyerv
Mipuxrid
CloseQdgmqpve

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45df98a9ca82b14949595d67d4439d73

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Exports

Exports

Sections

.itext Size: - Virtual size: 2KB

.text Size: 52KB - Virtual size: 686KB

.idata Size: 288KB - Virtual size: 286KB

.rsrc Size: 60KB - Virtual size: 58KB

.itext
Size: - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 686KB

.idata
Size: 288KB - Virtual size: 286KB

.rsrc
Size: 60KB - Virtual size: 58KB