c67f06603b6e1fbd67bb333e656d6a16

General

Target

c67f06603b6e1fbd67bb333e656d6a16
Size

42KB
MD5

c67f06603b6e1fbd67bb333e656d6a16
SHA1

3db393c8244aca70ee59d74a242a11bc4be89b76
SHA256

1cf18c73711c59685019c9541b958bd1446987b49577ffd6d8b0dac88ea0a742
SHA512

177a9f8144371784cae7c163d8d198b5ec75c092ea59363cb433344697eeb413d950b7e650160892c51979c743c53e2c324a8cd2f7d03e335e8351f70cfa30b8
SSDEEP

768:5isj56zOjSTNWyqUICqQZY7mdDKlQVfu5kNI:0sj5WJRqQ276KGekN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c67f06603b6e1fbd67bb333e656d6a16

Files

c67f06603b6e1fbd67bb333e656d6a16
.exe windows:4 windows x86 arch:x86

dba96f22a585d11d6c0551fb162cd87b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
MapViewOfFile
VerifyVersionInfoW
WaitNamedPipeW
GetExitCodeThread
InterlockedExchangeAdd
IsBadStringPtrW
IsValidLocale
SetConsoleFont
WaitNamedPipeA
TransmitCommChar
ReadConsoleInputExA
GetOverlappedResult
FindFirstVolumeMountPointW
LocalHandle
SetConsoleNumberOfCommandsW
WriteConsoleOutputW
CreateHardLinkW
GetCurrentThreadId
GetCurrentConsoleFont
CreateFileA
GetPrivateProfileSectionW
GlobalFree
SetSystemTime
ExpungeConsoleCommandHistoryW
GetDiskFreeSpaceA
GetStringTypeExW
DnsHostnameToComputerNameA
Process32First
CopyFileA
MoveFileExW

user32

OemKeyScan
CopyImage
SetCursor
AppendMenuA
GetMenuCheckMarkDimensions
GetWindowWord
DestroyCaret
RegisterServicesProcess
SetSysColors
GetCursorFrameInfo
GetUpdateRgn
GetProcessWindowStation
CharLowerBuffA
ToAscii
SetMessageExtraInfo
SendMessageCallbackA
MonitorFromPoint

gdi32

FixBrushOrgEx
CloseFigure
GdiValidateHandle
Escape
EngAssociateSurface
CreateRectRgn
GetCurrentPositionEx
SetICMProfileW
ChoosePixelFormat
EngWideCharToMultiByte
GdiConvertPalette
AbortDoc
PolylineTo
CreateHatchBrush
GdiEndPageEMF
EngDeleteSurface
BeginPath
CreateICA
GetOutlineTextMetricsA

comdlg32

FindTextW
ChooseFontA
PrintDlgA
PrintDlgExW
ReplaceTextA
GetSaveFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW
dwLBSubclass
PageSetupDlgA
GetOpenFileNameW
CommDlgExtendedError
GetFileTitleW

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dba96f22a585d11d6c0551fb162cd87b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB