b6a86b3dc2c3d4d21c807d7a455f4fff

Sharing

Copy URL Twitter E-mail

General

Target

b6a86b3dc2c3d4d21c807d7a455f4fff
Size

584KB
MD5

b6a86b3dc2c3d4d21c807d7a455f4fff
SHA1

809ca23270d46b83104fae55e6a547d1c5b8946d
SHA256

8cf3ea43a12305845b88dfd1ff7b758d597917114e909fdb9459799594b10ce4
SHA512

ab51021155a864ddd4ddfbd9d9c5fe10555ce4d14716c0312e1fd3ddb0725f5fdf5a7500ab1ee2df57d8661e2bb799d5b4fcf962260ffcbb930a5e7c02f1bf81
SSDEEP

12288:JDDNZnejlDkYSIr8evcB4t4maadh4E6HD//B3OEzuw8MMH1jHa:JuZYYSweB4JaaoE6HD/J3X78MMVjHa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6a86b3dc2c3d4d21c807d7a455f4fff

Files

b6a86b3dc2c3d4d21c807d7a455f4fff
.exe windows:4 windows x86 arch:x86

a0f3cf527fc950d6b9fb605630648cdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\

Imports

kernel32

VirtualQuery
SetFilePointer
lstrcmpW
WriteConsoleA
GetStringTypeA
GetNumberFormatW
GetOEMCP
HeapSize
GetStartupInfoA
GetPrivateProfileSectionNamesW
GetEnvironmentStrings
GetLocaleInfoA
LCMapStringA
SetLocaleInfoW
WaitCommEvent
GlobalReAlloc
HeapFree
HeapCreate
VirtualFree
HeapAlloc
GetStringTypeW
LCMapStringW
CreateEventA
GetPrivateProfileStructW
GetModuleFileNameA
GetUserDefaultLangID
TlsAlloc
GetCPInfo
ReadConsoleA
GetSystemDefaultLangID
InterlockedExchangeAdd
RtlUnwind
GetCurrentProcess
ResumeThread
GetSystemTimeAsFileTime
EnumSystemLocalesA
InterlockedIncrement
EnterCriticalSection
TerminateProcess
EnumCalendarInfoW
SetEnvironmentVariableA
LeaveCriticalSection
WaitForSingleObject
CreateMutexA
GetConsoleMode
GetLastError
GetDateFormatW
LoadLibraryA
GetEnvironmentStringsW
IsValidCodePage
DeleteCriticalSection
VirtualAlloc
FreeLibrary
GetProcAddress
GetDateFormatA
GetPrivateProfileSectionNamesA
IsValidLocale
GetConsoleTitleW
GetCurrentThread
SetConsoleCtrlHandler
SystemTimeToFileTime
GetDiskFreeSpaceExW
HeapDestroy
GetLocaleInfoW
FindResourceExA
GetTickCount
TlsFree
GetStdHandle
ExpandEnvironmentStringsA
OpenEventA
GetCurrentThreadId
WriteFile
lstrlen
FreeEnvironmentStringsA
CreateFileA
lstrlenA
GetTimeFormatA
GetACP
SetThreadPriority
GetVersionExA
GetTimeZoneInformation
QueryPerformanceCounter
SetLastError
InitializeCriticalSection
GetPriorityClass
TlsSetValue
CompareStringA
SetHandleCount
ReadConsoleInputA
SetLocaleInfoA
lstrlenW
FillConsoleOutputCharacterA
InterlockedExchange
MultiByteToWideChar
UnlockFileEx
GetCurrentProcessId
TlsGetValue
FlushConsoleInputBuffer
ReadFile
CompareStringW
CreateNamedPipeA
WideCharToMultiByte
IsDebuggerPresent
OpenMutexA
Sleep
ExitProcess
FindNextFileA
GetConsoleOutputCP
GetFileType
GetPrivateProfileIntW
HeapReAlloc
CloseHandle
GetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetConsoleCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetProcessHeap
FreeEnvironmentStringsW
GetModuleHandleA
SetStdHandle
InterlockedDecrement
WriteConsoleW
GetUserDefaultLCID
FlushFileBuffers

shell32

SHUpdateRecycleBinIcon
SHBrowseForFolder

gdi32

DescribePixelFormat
GetCharABCWidthsFloatA
CreateRectRgnIndirect
GetNearestColor
GetEnhMetaFileW
AnimatePalette
GetPaletteEntries
CreatePolygonRgn
DeviceCapabilitiesExW
CreateHalftonePalette
SetTextCharacterExtra
AddFontResourceA
SetAbortProc
GetTextCharacterExtra
GetWorldTransform
BitBlt
EnumFontsW
Arc
GdiPlayJournal
GdiPlayDCScript
DeleteEnhMetaFile
InvertRgn
OffsetViewportOrgEx

wininet

DeleteIE3Cache
InternetQueryDataAvailable
FtpSetCurrentDirectoryA
HttpEndRequestW
HttpSendRequestA
InternetOpenUrlA
FtpRemoveDirectoryA

comctl32

ImageList_Replace
ImageList_Read
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Copy
ImageList_AddMasked
CreateStatusWindow
ImageList_GetIconSize
InitCommonControlsEx
ImageList_EndDrag
ImageList_SetFlags
CreatePropertySheetPage
ImageList_Add
ImageList_AddIcon
ImageList_DragLeave
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_SetDragCursorImage
ImageList_SetFilter

user32

GetScrollBarInfo
CreateDesktopA
OemToCharW
SetCursor
GetKeyboardState
DdeInitializeW
DdeQueryStringA
MsgWaitForMultipleObjectsEx
GetNextDlgGroupItem
SetTimer
GetGUIThreadInfo
wvsprintfW
ShowWindow
SendNotifyMessageA
DdeQueryConvInfo
GetClassLongA
CreateMDIWindowA
DdeGetLastError
LoadMenuA
DrawStateW
RegisterClassA
RemovePropW
EnumPropsExA
MenuItemFromPoint
EnumPropsW
GetMonitorInfoA
MessageBoxA
RegisterClassExA
GetAltTabInfo
DestroyWindow
EnumDesktopsA
DefWindowProcA
SetMenuInfo
PostQuitMessage
CreateWindowExA
DeleteMenu
CharLowerBuffA
SetClipboardData
IsClipboardFormatAvailable

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f3cf527fc950d6b9fb605630648cdb

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

gdi32

wininet

comctl32

user32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 120KB - Virtual size: 136KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 120KB - Virtual size: 136KB

.rsrc
Size: 16KB - Virtual size: 15KB