b6bbf0df5a58845a2465286d058831ac

Sharing

Copy URL Twitter E-mail

General

Target

b6bbf0df5a58845a2465286d058831ac
Size

84KB
MD5

b6bbf0df5a58845a2465286d058831ac
SHA1

aac36c611c7d3ac271616210b3916e27f2ef1ab8
SHA256

388b219e7bda6a05d07ae3bfeedcf59e373d861b939c92f987033159fab203ae
SHA512

b7170cec73bc15f766b44530f2842361c50b8448b35e049c82837ca14242bb77aa1e10add8c8b79779bb399bdf6a0f597090bd1246884c40852f5b45665eb531
SSDEEP

1536:cHxU/hSZbGx2AcrEEkBLUMa4Gz46HBPvBursey9Z9X9L4+fue:QU/hSZWcEEkBLUBXvgwp9zX9LSe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6bbf0df5a58845a2465286d058831ac

Files

b6bbf0df5a58845a2465286d058831ac
.exe windows:4 windows x86 arch:x86

3a6b4de112336c9fa09d7bb969fb0e34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Replace
ImageList_GetIcon
ImageList_Create
ImageList_EndDrag
ImageList_DragLeave
ImageList_DrawEx
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Merge
ImageList_AddIcon
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_Remove
ImageList_GetDragImage
ImageList_Read
ImageList_Draw
ImageList_DragMove

gdi32

GetDCOrgEx
GetBitmapBits
ClearBrushAttributes
SetTextColor
CopyMetaFileA
BitBlt
GetBrushOrgEx
CloseMetaFile
CreateSolidBrush
GetClipBox
CloseFigure
GetPixel
GetPixel
AddFontResourceW
AbortPath
AddFontResourceA
RestoreDC
ExcludeClipRect

user32

CopyIcon
GetFocus
InsertMenuA
DialogBoxParamA
AppendMenuW
LoadCursorA
IsWindow
IsMenu
DrawTextW
GetDC
EndDialog
CloseWindow
DialogBoxParamW
CreateIcon
AppendMenuA
LoadMenuA
GetCursor
CalcMenuBar
DrawIcon
CopyImage

kernel32

OpenFileMappingA
OpenFile
GlobalFree
CopyFileExA
CopyFileA
CopyFileW
GetCPInfo
ReadConsoleA
SetLastError
FindAtomA
DeleteAtom
GetFileTime
ReadFile
FindFirstFileA
GetStdHandle
CopyFileExW
Sleep
DeleteFileA
GetComputerNameA
CreateThread
GetCommandLineA

advapi32

RegDeleteValueW
RegEnumValueA
RegDeleteValueA
RegReplaceKeyA
RegCreateKeyExA
RegEnumKeyExA
RegFlushKey
RegEnumKeyExW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegEnumKeyW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegReplaceKeyW
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 579B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a6b4de112336c9fa09d7bb969fb0e34

Headers

File Characteristics

Imports

comctl32

gdi32

user32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 182KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: - Virtual size: 579B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 182KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 579B