c6871e24eef5551bf92527cd77d1d5a1

Sharing

Copy URL Twitter E-mail

General

Target

c6871e24eef5551bf92527cd77d1d5a1
Size

430KB
MD5

c6871e24eef5551bf92527cd77d1d5a1
SHA1

18df82fb4f57c0f2bb0c382225b1f7f218ff9883
SHA256

c64e2210ad2325481f5fb7e6198d1bffde9e1c2ec14e3ec15094f174afa4086c
SHA512

01f74fcd0c326e9f63b9ead9a4063c6d2896327261b2079805a8f0ddf45cef90af41d2c82dbbcaa60292545c985a1e9d4e7a1082c0b875ae3884c5d00d12705b
SSDEEP

6144:mhd225f6gEhy608iLS9wXnncnW+esq9yU5Ox8v9jhnYgMPuwF8aj1YIOSf7VLj:ycgEV08s3z9y+OyvPX8nj1YOf5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6871e24eef5551bf92527cd77d1d5a1

Files

c6871e24eef5551bf92527cd77d1d5a1
.exe windows:4 windows x86 arch:x86

f3befea442bf03843314d252e09456ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
FixBrushOrgEx
GetCharWidthA
SetViewportExtEx
SetROP2
GetGlyphOutlineA
SetBitmapBits
SetBkMode

kernel32

CreateFileA
FreeLibraryAndExitThread
GetStartupInfoW
GetFileAttributesExA
ExitProcess
lstrlenA
Sleep
SetConsoleTitleW
GetPrivateProfileStringA
lstrcmpA
GetTempFileNameA
LCMapStringW
HeapWalk
VirtualAlloc
GetACP
GetLocalTime
GetSystemTime
GetModuleHandleW
lstrlenW
SleepEx
GetProfileSectionW
VirtualFree
CloseHandle
GetStringTypeA
lstrcmpiW
lstrcmpiA
lstrcmpW
GetModuleHandleA
ReleaseSemaphore
SetConsoleMode

advapi32

GetUserNameA
CryptHashData
AbortSystemShutdownA
CryptSignHashA
LookupSecurityDescriptorPartsW
RegOpenKeyA
RegOpenKeyW
GetUserNameW
ClearEventLogW
ObjectOpenAuditAlarmW
ObjectCloseAuditAlarmA
GetMultipleTrusteeA
ConvertSecurityDescriptorToAccessW
SetNamedSecurityInfoExA
AbortSystemShutdownA

user32

CreateDialogIndirectParamW
EnumDisplaySettingsExW
LoadMenuIndirectW
DestroyAcceleratorTable
OemToCharBuffA
LoadAcceleratorsA
OpenIcon
GetListBoxInfo
CreateDialogParamA
SetMenuDefaultItem
GetKeyboardState
RegisterClassW
IsIconic
MapVirtualKeyW
CopyRect
GetQueueStatus
GetNextDlgGroupItem
ModifyMenuW
ScreenToClient

comdlg32

ChooseColorA

msvcrt

_adj_fprem1
_fgetchar
system
_ismbchira
iswascii
_wcsset
_wstat
_ultoa
_wcsnicmp
_wspawnvpe
_strnset
fread
_ungetch
__p___winitenv

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.anidp
Size: 380KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.irtm
Size: 43KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3befea442bf03843314d252e09456ef

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

user32

comdlg32

msvcrt

Sections

.text Size: 5KB - Virtual size: 6KB

.anidp Size: 380KB - Virtual size: 433KB

.irtm Size: 43KB - Virtual size: 551KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.anidp
Size: 380KB - Virtual size: 433KB

.irtm
Size: 43KB - Virtual size: 551KB

.reloc
Size: 1024B - Virtual size: 1KB