6c97f6e766bea5e8e01948d34deedcdd25c1dd18baf47e7114f0db02ebd5cafd

Sharing

Copy URL Twitter E-mail

General

Target

6c97f6e766bea5e8e01948d34deedcdd25c1dd18baf47e7114f0db02ebd5cafd
Size

638KB
MD5

abf92d197728c8dadee44a064e7b8a63
SHA1

6c8676a94c3019c49666383aa12bb8af7ec22a1b
SHA256

6c97f6e766bea5e8e01948d34deedcdd25c1dd18baf47e7114f0db02ebd5cafd
SHA512

d3223d49ee8e486898d17397b83b3888dcdbe6af725557616291b4a9b8944c9905baeb210597cd9316234e217a26ce577def0d46c44dee57f8e9a3607683114b
SSDEEP

12288:t4B0t2AoQOEMniaWg+ZYoELO1YsSo5FA9yRM8wH5zro9F:+B8ZONnzJ+ZZUXsSu1RM8Qxo9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c97f6e766bea5e8e01948d34deedcdd25c1dd18baf47e7114f0db02ebd5cafd

Files

6c97f6e766bea5e8e01948d34deedcdd25c1dd18baf47e7114f0db02ebd5cafd
.exe windows:5 windows x86 arch:x86

b569a6c39b118e60f9644b5958e635ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
CreateThread
GetTempPathW
SetFilePointer
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
WriteFile
MulDiv
LocalFree
FormatMessageW
GetWindowsDirectoryW
GetEnvironmentVariableW
DeleteFileW
CopyFileW
MoveFileW
FindClose
FindNextFileW
FindFirstFileW
LoadLibraryW
SetErrorMode
FreeLibrary
GetCurrentProcess
GetProcAddress
GetModuleFileNameW
GetModuleHandleW
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
RtlUnwind
LCMapStringA
LCMapStringW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
GetFullPathNameW
GetFileSize
ReadFile
CloseHandle
CreateFileW
GetFileAttributesW
RaiseException
GetSystemDefaultLangID

user32

IsDlgButtonChecked
CheckDlgButton
ShowWindow
SetWindowPos
GetWindowRect
GetDesktopWindow
PostMessageW
SetClassLongW
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetWindowTextW
EndDialog
LoadIconW
DialogBoxParamW
OemToCharBuffA
LoadCursorW
SetCursor
GetSystemMetrics
GetClientRect
GetDlgItemTextW
GetActiveWindow
MessageBoxW
SendMessageW
FindWindowA
GetWindowTextA
SetWindowTextA
GetDC
ReleaseDC
GetDlgItem
GetCursorPos
SetDlgItemTextW
SetWindowTextW
SetDlgItemTextA

gdi32

CreateFontIndirectW
GetDeviceCaps

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

OleUninitialize
CoCreateInstance
OleInitialize

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b569a6c39b118e60f9644b5958e635ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 10KB - Virtual size: 10KB