a06f073cea6e2cc32a55d64fb6e09dc7

Sharing

Copy URL Twitter E-mail

General

Target

a06f073cea6e2cc32a55d64fb6e09dc7
Size

171KB
MD5

a06f073cea6e2cc32a55d64fb6e09dc7
SHA1

c2219aa20da8f9d436afd2a15c10cb7dc1a3635b
SHA256

c1bfde8addf75bd13a9cf4fefce8c6729529ff3a06fb9842f6ec39ded8747aab
SHA512

d38a5836bfbc737a849a0c932074353b59871c5ee7eedb86a83afe506331cd81c6468e9bae5e55f35cfc28f42d3fac05afa972451dde4b21509a41407af6d6c6
SSDEEP

3072:xJzM5Axy4qOhsUZBz7DK6D66j9035orbNkNEzaaUcNHHA:DoGxJBZBzK+66ja2NkNExPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a06f073cea6e2cc32a55d64fb6e09dc7

Files

a06f073cea6e2cc32a55d64fb6e09dc7
.exe windows:4 windows x86 arch:x86

227ecc1620302606147043075ed4cc02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
ConvertDefaultLocale
FindClose
FindNextFileW
GetCurrentDirectoryW
EnumResourceLanguagesW
lstrcpyW
GetSystemDefaultLangID
SetFileTime
GetThreadContext
GetVersion
DeleteFileW
InterlockedDecrement
SetFilePointer
RemoveDirectoryW
LoadLibraryW
WideCharToMultiByte
ReadFile
CreateDirectoryW
EnumResourceNamesA
WriteFile
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileW
GetCurrentProcessId
ExitProcess
GetLocaleInfoW
MultiByteToWideChar
FindFirstFileW
GetModuleFileNameW
GetFileAttributesW
MoveFileW
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetNextDlgTabItem
CopyAcceleratorTableW
RegisterWindowMessageW
CharUpperW
SetPropW
RemovePropW
WinHelpW
GetClassLongW
InvalidateRgn
SendDlgItemMessageA
CharNextW
GetPropW
GetNextDlgGroupItem
IsRectEmpty
MessageBeep
SetRect
InvalidateRect
GetClassInfoExW
CreateWindowExW
DestroyMenu

gdi32

SelectObject
ScaleWindowExtEx
GetStockObject
PtVisible
RectVisible
ExtSelectClipRgn
ExtTextOutW
SetWindowExtEx
GetMapMode
TextOutW
DeleteDC
SetViewportOrgEx
GetDeviceCaps
OffsetViewportOrgEx
GetBkColor
Escape
GetTextColor
ScaleViewportExtEx
GetRgnBox

advapi32

RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW

ole32

CoUninitialize
OleUninitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromProgID
CoCreateInstance
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoInitialize
CoTaskMemAlloc
OleInitialize
OleFlushClipboard
CoTaskMemFree
CLSIDFromString

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227ecc1620302606147043075ed4cc02

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

oleacc

user32

gdi32

advapi32

ole32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 68KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 68KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB