b6ffa3a1c9e5ea0bd58fd2a38d42e71a

General

Target

b6ffa3a1c9e5ea0bd58fd2a38d42e71a
Size

190KB
MD5

b6ffa3a1c9e5ea0bd58fd2a38d42e71a
SHA1

a60d2e00d3e35e8213ee3067eb2f3f99871b92b4
SHA256

b33b9e3dd5a662d5e11dc5d5f6df13e2b1afc4be217c3553fb0f3981591c432d
SHA512

aed45802da05da28c27fddb4d432d9e92fcfd03230063a93ab5e9710f3a1e6fad02cc3e15077fe0c484b9c42acf34de3f53cea1392fe1701cc7dcd4d00bd08c0
SSDEEP

3072:WdiSzIWcZqKJdiPw6zfQBat16C142rfCndGBTw1dKdIOlOPw:WdikRw3pnBaCCmV1dcpB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6ffa3a1c9e5ea0bd58fd2a38d42e71a

Files

b6ffa3a1c9e5ea0bd58fd2a38d42e71a
.exe windows:4 windows x86 arch:x86

75f82ffc676655d4f637ed13a7cf23fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualProtectEx
GetConsoleMode
DuplicateConsoleHandle
LoadLibraryW
CreateDirectoryA
GetCurrentConsoleFont
Beep
IsSystemResumeAutomatic
WriteFileEx
WriteConsoleW
MoveFileA
EnumCalendarInfoExW
WriteFileGather
WriteConsoleInputVDMW

user32

VkKeyScanExA
SetDlgItemTextA
GetWindowWord
ModifyMenuW
LoadMenuA
IsZoomed
DrawStateW
User32InitializeImmEntryTable
DdeAbandonTransaction
CreateAcceleratorTableW
GetClassNameA
BlockInput

shell32

ExtractAssociatedIconW
StrNCmpIA
StrRChrW
SHHelpShortcuts_RunDLLW
ShellAboutA
FindExecutableW
ShellExecuteExA

gdi32

StartDocW
GetAspectRatioFilterEx
GdiSetBatchLimit
SetMiterLimit
GetTextExtentExPointI
GetFontResourceInfoW
RealizePalette
CopyEnhMetaFileA
GetDIBColorTable
GdiIsMetaPrintDC
GetKerningPairsA
RemoveFontResourceA

Sections

.code
Size: 9KB - Virtual size: 810KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 177KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75f82ffc676655d4f637ed13a7cf23fe

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Sections

.code Size: 9KB - Virtual size: 810KB

.data Size: 177KB - Virtual size: 178KB

.rsrc Size: 1024B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 3KB

.pack32 Size: - Virtual size: 4KB

.code
Size: 9KB - Virtual size: 810KB

.data
Size: 177KB - Virtual size: 178KB

.rsrc
Size: 1024B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 3KB

.pack32
Size: - Virtual size: 4KB