b6e4b80154c26c3f8fc56ea2aa027026

Sharing

Copy URL Twitter E-mail

General

Target

b6e4b80154c26c3f8fc56ea2aa027026
Size

501KB
MD5

b6e4b80154c26c3f8fc56ea2aa027026
SHA1

c8dbb749261269898874f063f375f55f758406c4
SHA256

bf96462e474c51b08dd66d2e9c90ae6b62288ad386e8f9cb53e36cf246b68a4c
SHA512

82bb4443fcd3027ae0f109a1dab0c586731928e392d476cd03ab67064f4e8bbc0604ed3b0fe960ad00005c3b6744f88b1a3d0475af694d3e6c17e5d91b042eb8
SSDEEP

12288:pf3AttiBxnWhX2uf6gLxatpRm6UR2jbg8Zpzl:13AbNX1fZ8tzWkgSzl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6e4b80154c26c3f8fc56ea2aa027026

Files

b6e4b80154c26c3f8fc56ea2aa027026
.exe windows:4 windows x86 arch:x86

0790a20ee2c9d7f67830b38c46cba42f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
SetLastError
SetFilePointer
TlsFree
RtlUnwind
GetStringTypeW
WideCharToMultiByte
GetPriorityClass
CreateMutexA
VirtualQuery
ConvertDefaultLocale
UnhandledExceptionFilter
DeleteCriticalSection
GetCommandLineA
GetStdHandle
WriteFile
GetACP
SetEnvironmentVariableA
GetLocaleInfoA
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
TlsSetValue
GetLocaleInfoW
LeaveCriticalSection
IsBadWritePtr
OpenMutexA
EnumSystemLocalesA
CompareStringA
LCMapStringA
LCMapStringW
GetDateFormatA
CreateSemaphoreA
HeapFree
EnterCriticalSection
VirtualAlloc
HeapDestroy
GetProcAddress
HeapSize
InitializeCriticalSection
HeapAlloc
GetModuleHandleW
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsGetValue
MultiByteToWideChar
GetFileType
SetHandleCount
QueryPerformanceCounter
GetLogicalDriveStringsA
GetEnvironmentStringsW
ExitProcess
GetStartupInfoA
ReadFile
GetTimeFormatA
HeapReAlloc
OpenEventW
VirtualProtect
FreeEnvironmentStringsA
FlushFileBuffers
GetTickCount
GetSystemInfo
GetOEMCP
GetCPInfo
IsValidLocale
SleepEx
GetUserDefaultLCID
lstrlenW
GetVersionExA
TerminateProcess
LoadLibraryA
InterlockedExchange
GetStringTypeA
GetCurrentThreadId
CreateWaitableTimerA
GetCurrentThread
GetModuleFileNameA
CloseHandle
GetTimeZoneInformation
GetCurrentProcess
GetLastError
CompareStringW
SetStdHandle
GetModuleHandleA
IsValidCodePage
TlsAlloc

advapi32

ReportEventW
DuplicateTokenEx
RegFlushKey
RegCloseKey
RegDeleteKeyA

wininet

CreateUrlCacheContainerA
InternetAttemptConnect
InternetCheckConnectionA
InternetGoOnline
FindCloseUrlCache
InternetSecurityProtocolToStringA
InternetQueryOptionA

comctl32

GetEffectiveClientRect
ImageList_GetImageCount
ImageList_AddIcon
ImageList_SetOverlayImage
ImageList_Read
ImageList_Destroy
CreateStatusWindow
ImageList_DrawEx
CreateMappedBitmap
ImageList_Merge
ImageList_ReplaceIcon
ImageList_DragLeave
InitCommonControlsEx

comdlg32

PrintDlgA
ChooseFontA
PageSetupDlgA

user32

ChangeClipboardChain
WINNLSEnableIME
ValidateRect
GetKeyNameTextW
FreeDDElParam
MessageBoxW
DestroyWindow
SetFocus
CopyRect
MsgWaitForMultipleObjects
ScrollWindowEx
PostThreadMessageA
CreateDialogParamW
RegisterClassExA
DefWindowProcA
IsChild
GetQueueStatus
CreateWindowExW
CheckMenuRadioItem
ShowWindow
SetScrollRange
SetUserObjectSecurity
DdeUninitialize
CharLowerW
RegisterClassA
SetThreadDesktop
MsgWaitForMultipleObjectsEx
LoadAcceleratorsW
DefFrameProcA
ChangeDisplaySettingsW
ShowScrollBar

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0790a20ee2c9d7f67830b38c46cba42f

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

comctl32

comdlg32

user32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 216KB - Virtual size: 233KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 216KB - Virtual size: 233KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 24KB - Virtual size: 23KB