c6281a0256916bff83cec38a21e3cd84

Sharing

Copy URL Twitter E-mail

General

Target

c6281a0256916bff83cec38a21e3cd84
Size

58KB
MD5

c6281a0256916bff83cec38a21e3cd84
SHA1

1bb6e6a9499eda737644cd44fbad5b5febbf63c5
SHA256

8bdc6f40bf3693da340d63c568a1a52b9381ecb3d1f946b479f46c93e9705a59
SHA512

5bbbf0450a32e447fc4ce71d120e5f674d1f46c1a8f612cc13ba830b2bbcbbccc9861f894a95b51d018159e573bbfb2df356785e4ea06d0b168740a2b2e9b9f7
SSDEEP

1536:mKdh/9A7+SEII0f0vBFyGe2nEeH6vZsFuDnXZMf:mUk+7/0fAFQGEeavZnpMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6281a0256916bff83cec38a21e3cd84

Files

c6281a0256916bff83cec38a21e3cd84
.exe windows:4 windows x86 arch:x86

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
CreateIoCompletionPort
GetSystemTimeAdjustment
FormatMessageA
GlobalFree
MulDiv
FillConsoleOutputAttribute
EnumSystemLocalesA
WriteProfileSectionA
CallNamedPipeA
SetNamedPipeHandleState
VirtualFreeEx
FileTimeToLocalFileTime
WaitCommEvent
GenerateConsoleCtrlEvent
FreeEnvironmentStringsA
ResetWriteWatch
ReadFileScatter
SetCommMask
GetNamedPipeHandleStateA
SetTapePosition
SetTapeParameters
ResumeThread
GetCurrentThreadId
WriteConsoleOutputCharacterA
GetSystemInfo
SetCommTimeouts
TransmitCommChar
CreateEventA
lstrcpyn
GetFileTime
ReadFile
FindResourceA
ContinueDebugEvent
WriteFileGather
FindResourceExA
CreateMutexA
SetEndOfFile
GetProfileIntA
ConvertDefaultLocale
GetModuleFileNameA
RaiseException
ReadConsoleA
GetCurrentProcess
SetLocaleInfoA
VirtualQuery
GetPriorityClass
FlushConsoleInputBuffer
LocalSize
GlobalAddAtomA
_lwrite
GetNumberOfConsoleInputEvents

shlwapi

StrCSpnA
StrCmpNIA
PathRemoveFileSpecA
PathFileExistsA
StrPBrkA
StrSpnA
PathIsFileSpecA
SHRegCloseUSKey
PathIsSameRootA
SHRegQueryInfoUSKeyA
PathGetArgsA
HashData
SHCreateShellPalette
StrIsIntlEqualA
PathMakePrettyA
PathFindOnPathA
SHRegEnumUSValueA
AssocQueryStringA
UrlHashA
SHCreateStreamWrapper
SHGetValueA
StrChrIA
SHSkipJunction
PathRemoveBlanksA
PathFindFileNameA
PathIsRelativeA
PathIsUNCServerShareA
PathUnmakeSystemFolderA
StrFormatKBSizeA
PathSearchAndQualifyA
SHAutoComplete
UrlIsOpaqueA
PathCanonicalizeA
SHRegDeleteEmptyUSKeyA
StrRetToBufA
PathStripToRootA
SHDeleteOrphanKeyA
StrStrIA

Sections

.slgp
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jmn
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rerut
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pspst
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.slgp Size: 22KB - Virtual size: 45KB

.jmn Size: 5KB - Virtual size: 10KB

.rerut Size: 1024B - Virtual size: 1KB

.pspst Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.slgp
Size: 22KB - Virtual size: 45KB

.jmn
Size: 5KB - Virtual size: 10KB

.rerut
Size: 1024B - Virtual size: 1KB

.pspst
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB