b6b1a92d23526184cc339584b8c14f3f

Sharing

Copy URL Twitter E-mail

General

Target

b6b1a92d23526184cc339584b8c14f3f
Size

3.6MB
MD5

b6b1a92d23526184cc339584b8c14f3f
SHA1

ea828375247a7829cd418a885d5d8b12235b3cf8
SHA256

3f3c74c6c8b85a97507456368fc30ce643048a75d9df083e4cd48b40063e277b
SHA512

aad1ebf2300464de5f8d644824aaa501431744da18b9789e1e9b9b19f55bf9918f1fee7c8c54dc173892d76bc6a2580dc6319c37c7d323c044bdc5d8d70ba270
SSDEEP

49152:F8QxRsRjDGU4g3QeFOV+khO2N3Qw/4beYNA9r1jcFcqMgETTGWVIRe9B3CQAeTPY:FvRsliJeFOTaeSAB8FMgZRRIN7xtO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6b1a92d23526184cc339584b8c14f3f

Files

b6b1a92d23526184cc339584b8c14f3f
.exe windows:5 windows x86 arch:x86

81bd17713ba4c5c8a20360b01c667b2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GetProcAddress
GetProcessWorkingSetSize
VirtualLock
OpenProcess
EnumDateFormatsW
LocalFree
ResumeThread
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess

user32

GetClassInfoExW
MessageBoxA
CreateWindowExA
GetClassNameW
RegisterClassW

advapi32

OpenProcessToken

psapi

GetProcessMemoryInfo

Sections

z
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

x
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

z
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

z
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

2ar
Size: 130KB - Virtual size: 128KB

IMAGE_SCN_MEM_READ

8sc
Size: 194KB - Virtual size: 192KB

IMAGE_SCN_MEM_READ

WKp
Size: 194KB - Virtual size: 192KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81bd17713ba4c5c8a20360b01c667b2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

psapi

Sections

z Size: 2KB - Virtual size: 4KB

x Size: 2KB - Virtual size: 4KB

z Size: 2KB - Virtual size: 4KB

.tls Size: 2KB - Virtual size: 4KB

z Size: 2KB - Virtual size: 4KB

.RSRC Size: 1.8MB - Virtual size: 1.8MB

z Size: 2KB - Virtual size: 1.7MB

2ar Size: 130KB - Virtual size: 128KB

8sc Size: 194KB - Virtual size: 192KB

WKp Size: 194KB - Virtual size: 192KB

z
Size: 2KB - Virtual size: 4KB

x
Size: 2KB - Virtual size: 4KB

z
Size: 2KB - Virtual size: 4KB

.tls
Size: 2KB - Virtual size: 4KB

z
Size: 2KB - Virtual size: 4KB

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

z
Size: 2KB - Virtual size: 1.7MB

2ar
Size: 130KB - Virtual size: 128KB

8sc
Size: 194KB - Virtual size: 192KB

WKp
Size: 194KB - Virtual size: 192KB