b6f7d0782c5f24197ffec5fb53d66fa4

General

Target

b6f7d0782c5f24197ffec5fb53d66fa4
Size

148KB
MD5

b6f7d0782c5f24197ffec5fb53d66fa4
SHA1

9cb8cd63561da0490c79402aa193afbf6d27c842
SHA256

62b38ea02277546c072e8db0c29bac77bc71fe475b5073078bbebf0a50b47b8b
SHA512

235ea8d7ee9cc8649edb923cc8c230b8400a8ee973f3986d41d2bdba40159cb64ede105ecafaf4d5b01029fae9d9372bd8e21a133ce0457872d7d168f6af039d
SSDEEP

768:erEzecTEj/QTDCX2PE8hQGrV9NEUqgNpjfoVAS/hGxfha5A:e6EjYTuKQhUhNhS6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6f7d0782c5f24197ffec5fb53d66fa4

Files

b6f7d0782c5f24197ffec5fb53d66fa4
.exe windows:4 windows x86 arch:x86

fa46d53c54c64f027dbe57aa8ed19c51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fopen
printf
fseek
ftell
fgetc
fread
fclose
memcpy
time
strcmp
strstr
strlen
sprintf
strcat
memset
strcpy

kernel32

GetStartupInfoA
LocalAlloc
lstrcmpiA
TerminateProcess
GetCurrentProcess
OpenProcess
VirtualAllocEx
WriteProcessMemory
WinExec
CloseHandle
WriteFile
lstrlenA
CreateFileA
lstrcmpA
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetModuleFileNameA
Sleep
SetSystemTime
GetSystemTime
GetLastError
CreateThread
Process32Next
Process32First
CreateToolhelp32Snapshot
GetFileSize
DeleteFileA
GetPrivateProfileStringA
GetModuleHandleA
WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GetComputerNameA
CopyFileA
GetVersionExA
CreateRemoteThread
GetPrivateProfileIntA

user32

wsprintfA
FindWindowExA
PostMessageA
CharUpperA

advapi32

ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
QueryServiceStatus
OpenServiceA
StartServiceA
ChangeServiceConfigA
QueryServiceConfigA

ole32

CoCreateGuid

Sections

.Upack
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa46d53c54c64f027dbe57aa8ed19c51

Headers

File Characteristics

Imports

urlmon

wininet

msvcrt

kernel32

user32

advapi32

ole32

Sections

.Upack Size: 144KB - Virtual size: 144KB

.Upack
Size: 144KB - Virtual size: 144KB