b6bafdc4e5a1790cf5f3aea303939394

Sharing

Copy URL

Twitter E-mail

General

Target

b6bafdc4e5a1790cf5f3aea303939394
Size

540KB
MD5

b6bafdc4e5a1790cf5f3aea303939394
SHA1

dff1a93961fc8a8e3d0f46a19efbe6b091ba904a
SHA256

cac806f41bf84b75e99e97ba9df303ffab982f6f1662dbf241279b9b1b40f993
SHA512

61fdbe50cecd776ac86b878aa1a80c9ed30bcc6f2488a4201e48632958e9a1171df6eb565f5bc0e09b86e82ca0aa6a185495149a4505161ba6bc1f2983bf33a7
SSDEEP

12288:jvFf+rKTgV0Kd2s3kz31DRXIEvamjUC2z6uAtv:jvUBJA3t9Imam/uK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6bafdc4e5a1790cf5f3aea303939394

Files

b6bafdc4e5a1790cf5f3aea303939394
.exe windows:4 windows x86 arch:x86

a4d4e58861339d54fd4fecf2bbca5056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
HeapAlloc
GetLocaleInfoW
ExitProcess
GetFileType
GetProcAddress
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
SetFilePointer
TlsSetValue
SetHandleCount
SetEnvironmentVariableA
WriteFile
GetModuleFileNameA
EnterCriticalSection
GetCurrentProcess
GetCurrentThreadId
GetACP
TerminateProcess
WriteConsoleW
OpenMutexA
FreeEnvironmentStringsA
LeaveCriticalSection
FlushFileBuffers
TlsAlloc
GetStringTypeW
IsDebuggerPresent
CompareStringW
RtlUnwind
VirtualFree
GetConsoleCP
GetEnvironmentStringsW
QueryPerformanceCounter
ReadFile
GetTickCount
IsValidLocale
GetCurrentProcessId
FreeEnvironmentStringsW
GetLastError
GetStartupInfoA
CreateFileA
Sleep
VirtualAlloc
TlsGetValue
GetOEMCP
EnumSystemLocalesA
InterlockedIncrement
HeapSize
LoadLibraryA
GetModuleHandleW
CloseHandle
FreeLibrary
GetConsoleMode
IsValidCodePage
SetStdHandle
SetLastError
GetDateFormatA
HeapReAlloc
GetUserDefaultLCID
VirtualQuery
HeapDestroy
InterlockedExchange
AddAtomA
GetModuleHandleA
HeapCreate
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
InterlockedDecrement
LCMapStringA
DeleteCriticalSection
LocalSize
OpenEventA
GetTimeFormatA
GetConsoleOutputCP
GetStringTypeA
HeapFree
GetCurrentThread
CreateMutexA
LCMapStringW
GetCommandLineA
WideCharToMultiByte
GetStdHandle
MultiByteToWideChar
CompareStringA
WriteConsoleA
GetCPInfo
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetLocaleInfoA

advapi32

LookupPrivilegeNameA
CryptSignHashW
RegReplaceKeyW
RegCloseKey
CryptSetProviderW

wininet

InternetSetDialState
RetrieveUrlCacheEntryStreamA
GetUrlCacheEntryInfoW
InternetInitializeAutoProxyDll
InternetSetOptionExA
FreeUrlCacheSpaceW
HttpCheckDavCompliance
HttpSendRequestExA
FtpOpenFileA

shell32

DragAcceptFiles
SHGetSettings
SHGetSpecialFolderPathA
SHGetPathFromIDList

gdi32

GetCharWidthW
SetPaletteEntries
SetAbortProc
PlayMetaFile
SetMetaRgn
GetTextCharsetInfo
GdiGetBatchLimit
GetTextFaceA
SetTextAlign
RemoveFontResourceA
ArcTo
GetMapMode
PlgBlt

user32

RegisterClassA
RegisterClassExA
CreateIconFromResource

comctl32

InitCommonControlsEx

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4d4e58861339d54fd4fecf2bbca5056

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

shell32

gdi32

user32

comctl32

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 10KB - Virtual size: 34KB

.data Size: 318KB - Virtual size: 317KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 10KB - Virtual size: 34KB

.data
Size: 318KB - Virtual size: 317KB

.rsrc
Size: 7KB - Virtual size: 7KB