c6687d41c31484d5a3eec0853f549ae6

Sharing

Copy URL Twitter E-mail

General

Target

c6687d41c31484d5a3eec0853f549ae6
Size

580KB
MD5

c6687d41c31484d5a3eec0853f549ae6
SHA1

1c5fb3ec5ef99bb112158e6eab3eebc460659587
SHA256

0179125de7a42623a4da58984f28997a4c9481d6e814ef9446755cf598fa8d38
SHA512

130de96a12c3042420b45502ca7e83ad4504814249c10e1d3d2110644ad67f0ef084cf07330a2dc7bb4ed2484f355b6f17f64652c4ad37944c72aff3a2a240eb
SSDEEP

12288:rqvrSWBhRRlojkERDa5p0+b9YpKznFDN4wd1c2Q41I:rqvrSWBhRRlakE05pd6gztzchu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6687d41c31484d5a3eec0853f549ae6

Files

c6687d41c31484d5a3eec0853f549ae6
.exe windows:4 windows x86 arch:x86

a6a2e47a0527e94a9b0b5cec07d8eabf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\AMDBGSGYR\UGJSTYNY\ZKA\X

Imports

shell32

SHFormatDrive
SHGetSpecialFolderPathW
RealShellExecuteW
SHFileOperationW

advapi32

RegEnumValueW
CryptGetDefaultProviderW
CryptSetProviderA
GetUserNameA
LogonUserA
RegQueryMultipleValuesW
CryptGetProvParam
LookupPrivilegeDisplayNameA
CryptEnumProviderTypesW
CryptVerifySignatureW
LookupPrivilegeValueW
RegEnumKeyW
CryptSignHashA
RegOpenKeyExW
RegCloseKey
RegReplaceKeyA
LookupSecurityDescriptorPartsW
CryptVerifySignatureA
CryptImportKey
RegSaveKeyA
RegOpenKeyA

comctl32

ImageList_DragLeave
CreateUpDownControl
ImageList_SetFlags
ImageList_ReplaceIcon
CreateStatusWindowA
InitCommonControlsEx
CreateToolbarEx

gdi32

CreateCompatibleBitmap
ResetDCA
ColorMatchToTarget
InvertRgn
GetPixel
GetTextExtentPointA
GetOutlineTextMetricsW
GetTextExtentPoint32A
RoundRect
TextOutW
SetViewportExtEx
StartPage

kernel32

GetTimeZoneInformation
InitializeCriticalSection
HeapValidate
HeapFree
GetStringTypeW
OpenSemaphoreW
ExitProcess
HeapCreate
lstrcpynA
ReleaseMutex
QueryPerformanceCounter
GetLongPathNameA
WaitForSingleObject
RemoveDirectoryW
GetFileType
GetCommandLineW
CreateMutexA
FreeEnvironmentStringsA
IsBadWritePtr
WritePrivateProfileSectionW
GetCurrentThread
MultiByteToWideChar
WaitForSingleObjectEx
SetLastError
LoadResource
TransactNamedPipe
FillConsoleOutputCharacterA
GetStartupInfoA
GetDiskFreeSpaceW
GetProfileIntW
GetLastError
EnumResourceLanguagesA
InterlockedDecrement
OpenMutexA
GetEnvironmentStrings
WriteProfileStringA
EnumCalendarInfoExW
TlsGetValue
SetHandleCount
SetCriticalSectionSpinCount
GetCPInfo
LCMapStringW
WriteConsoleOutputA
GetPriorityClass
SetFileAttributesA
lstrcpynW
LoadModule
GetVolumeInformationW
CommConfigDialogA
TlsAlloc
GetCalendarInfoA
VirtualQuery
WaitCommEvent
SetFilePointer
lstrcpy
WideCharToMultiByte
TlsFree
InterlockedExchange
GetStdHandle
GetTempFileNameW
HeapAlloc
GetCurrentProcess
GetModuleFileNameA
SetStdHandle
GetStringTypeA
VirtualFree
FoldStringA
GetModuleFileNameW
CompareStringA
FindResourceW
TlsSetValue
LoadLibraryA
SetFileTime
GetEnvironmentStringsW
FillConsoleOutputCharacterW
GetSystemDirectoryA
EnterCriticalSection
GetCurrentProcessId
LoadLibraryW
lstrcmpi
UnhandledExceptionFilter
VirtualAlloc
EnumDateFormatsW
GetCurrentThreadId
TerminateProcess
LocalFlags
LeaveCriticalSection
GetSystemTimeAsFileTime
WriteProfileSectionW
ReadFile
GetModuleHandleA
RtlUnwind
ReadConsoleOutputCharacterA
InterlockedIncrement
GetSystemTime
SetWaitableTimer
GetVersion
EnumCalendarInfoW
CloseHandle
GlobalFindAtomA
WriteFile
VirtualUnlock
FormatMessageW
HeapDestroy
GetLocalTime
GetStartupInfoW
SetEnvironmentVariableA
ExpandEnvironmentStringsW
SetCurrentDirectoryW
GetThreadTimes
WriteConsoleA
CreateNamedPipeA
GetTickCount
FindFirstFileW
GetFileSize
WritePrivateProfileSectionA
GetCommandLineA
SetEvent
WritePrivateProfileStructA
LCMapStringA
CreateSemaphoreA
CreateWaitableTimerA
GetProcAddress
FreeEnvironmentStringsW
GetOEMCP
FlushFileBuffers
DeleteCriticalSection
HeapReAlloc
GetAtomNameA
CompareStringW

wininet

FindNextUrlCacheGroup
FtpGetFileW
HttpAddRequestHeadersA
InternetCanonicalizeUrlA
FindNextUrlCacheContainerW

user32

InsertMenuItemA
SetClipboardViewer
SubtractRect
SetUserObjectInformationA
MapWindowPoints
PostThreadMessageA
RegisterClassExA
UnregisterHotKey
ClientToScreen
BringWindowToTop
LoadIconA
ReplyMessage
GetScrollRange
wvsprintfW
ShowWindow
KillTimer
UnhookWinEvent
SetCapture
DefWindowProcA
DdeQueryNextServer
IsZoomed
UnhookWindowsHook
InSendMessage
LoadStringW
GetSystemMenu
GetMenuBarInfo
PackDDElParam
SetScrollPos
EnumDisplaySettingsW
DefFrameProcA
SetUserObjectSecurity
SetWindowContextHelpId
GetShellWindow
FrameRect
EnumClipboardFormats
SendMessageW
DialogBoxIndirectParamW
GetDCEx
SetThreadDesktop
TrackPopupMenuEx
SetWindowsHookExA
DlgDirSelectExW
GetClassNameA
SetClassLongW
SystemParametersInfoW
DrawFrameControl
DestroyWindow
RegisterClassA
CallWindowProcA
SetWinEventHook
LoadStringA
FlashWindowEx
CreateWindowExA
GetMenuItemInfoA
GetClipboardOwner
DefMDIChildProcW
InSendMessageEx
EnumDisplayDevicesA
CheckMenuRadioItem
CharPrevW
CharPrevA
CreateMDIWindowA
SendMessageTimeoutA
OpenIcon
CharToOemBuffW
SetActiveWindow
SetDlgItemTextA
LoadBitmapW
PaintDesktop
DdeFreeDataHandle
GetMenuStringW
GetMenuContextHelpId
SetWindowPlacement
MessageBoxW

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6a2e47a0527e94a9b0b5cec07d8eabf

Headers

File Characteristics

PDB Paths

Imports

shell32

advapi32

comctl32

gdi32

kernel32

wininet

user32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 112KB - Virtual size: 121KB

.rsrc Size: 72KB - Virtual size: 70KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 112KB - Virtual size: 121KB

.rsrc
Size: 72KB - Virtual size: 70KB