Static task: static1
Behavioral task: behavioral1
Sample: b6a56e8bc8d8104101553fb1ab362e0c.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b6a56e8bc8d8104101553fb1ab362e0c.exe
Resource: win10v2004-20240226-en
General
Target: b6a56e8bc8d8104101553fb1ab362e0c
Size: 163KB
MD5: b6a56e8bc8d8104101553fb1ab362e0c
SHA1: f8b99cd7f07df32015ec049556994fd222cafd6a
SHA256: 798daa4884f51105d09442e585dffa82a35d8e772ef54884aa9f1270ca59991b
SHA512: f23fb5839a25723d220138491d22957eb8de1122680108e84fdf518d93617c646b185c0b5e30a8538fd71fb9755f63ab1d8c81874c862b2d7210e7b1ee536aa8
SSDEEP: 3072:xjvhogEtGDmHSDQEzbyjPvntPRSRqPW8Jm1LHvG2AFZX6Zh6m1/TixWQiSn3tkp:xjvvEey/r3nbSRCW8JmPvmXm1/TKfj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b6a56e8bc8d8104101553fb1ab362e0c
Files
b6a56e8bc8d8104101553fb1ab362e0c.exe windows:4 windows x86 arch:x86
ee17f81ea782a63d850fc8ede8078545
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
ChangeServiceConfig2A
CreateServiceA
GetSecurityDescriptorControl
GetTokenInformation
GetUserNameA
RegCloseKey
RegQueryValueExA
RegSetValueExA
StartServiceCtrlDispatcherA
kernel32
AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteAtom
DeleteCriticalSection
DeleteFileA
DuplicateHandle
ExitProcess
FindClose
FindNextFileA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommandLineA
GetComputerNameA
GetConsoleCP
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetTickCount
GetVersionExA
GlobalHandle
GlobalReAlloc
HeapAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
IsBadWritePtr
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalAlloc
LocalFree
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
ReadProcessMemory
RemoveDirectoryA
SetEndOfFile
SetErrorMode
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
VirtualAlloc
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WritePrivateProfileStringA
lstrcmpiA
lstrcpyA
lstrlenA
ole32
IIDFromString
OleRegGetUserType
StringFromCLSID
user32
CharNextA
CharUpperA
CheckMenuItem
CheckRadioButton
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DrawFocusRect
GetDesktopWindow
GetMenuItemCount
GetMessageA
GetParent
GetSubMenu
GetSysColor
GetWindowLongA
GetWindowTextLengthA
InflateRect
LoadBitmapA
LoadStringA
MessageBoxA
PeekMessageA
PtInRect
RegisterClassA
RegisterWindowMessageA
SendDlgItemMessageA
SendMessageA
SetTimer
UnhookWindowsHookEx
UpdateWindow
wsprintfA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: - Virtual size: 276KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 160KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE