c6b6cfe6b1bf20a6a7f49c6ae2d3940b

Sharing

Copy URL Twitter E-mail

General

Target

c6b6cfe6b1bf20a6a7f49c6ae2d3940b
Size

372KB
MD5

c6b6cfe6b1bf20a6a7f49c6ae2d3940b
SHA1

e088980a37a84dbf80a4e8ff8f472cdcb33aecc2
SHA256

46d8497529fac5c65bec6865bef454d1e556cc4317e7b571ba21e4744ddfe98a
SHA512

82b620d77837b0a45b40d1b999c7a400ee5d37f70af4b7294343ba6cec71b65bccaa133373e09326186e88e9d76a26b1a0c3c3e6d6c8aedecbaec8e4bf3c2d7e
SSDEEP

6144:JsAeW1vp9TUYo/B4Er6R8iQeeaQeeiQeesQeewrQeehQeeL2Ac4VI4+jdazgMks1:JsAeW5fTUYSB474AcE+ZakCd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6b6cfe6b1bf20a6a7f49c6ae2d3940b

Files

c6b6cfe6b1bf20a6a7f49c6ae2d3940b
.dll windows:5 windows x86 arch:x86

e38f9ac27bd96674d9aab048768f44e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\Server-PC\Desktop\VR18.pdb

Imports

kernel32

MulDiv
CreateThread
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
DisableThreadLibraryCalls
VirtualAlloc
IsBadWritePtr
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
Beep
ReadProcessMemory
Sleep
IsBadReadPtr
GetCurrentProcess
OutputDebugStringA
IsProcessorFeaturePresent
GetSystemInfo
VirtualFree
GetProcAddress
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
ExitProcess

user32

GetDesktopWindow
DefWindowProcA
CreateWindowExA
MessageBoxA
GetAsyncKeyState
RegisterClassExA
DestroyWindow

gdi32

GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
MoveToEx
GetTextExtentPoint32A
SetTextColor
GetTextMetricsW
CreateDIBSection
CreateFontA
GetDeviceCaps
SetBkColor
DeleteObject
GetTextMetricsA
GetObjectW
GetObjectA
SetBkMode
GetCharacterPlacementW
DeleteDC
GetGlyphOutlineA
ExtTextOutW
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
GetCharacterPlacementA

msvcp90

?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

d3d9

Direct3DCreate9

winmm

sndPlaySoundA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA

msvcr90

_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_finite
_CIacos
strncpy
_ftol
free
ceil
_mbsnbcpy
??2@YAPAXI@Z
_memicmp
??3@YAXPAX@Z
_vsnprintf
malloc
memmove
sprintf
floor
iswpunct
__CxxFrameHandler
modf
iswspace
iswalpha
_encoded_null
iswdigit
__CxxFrameHandler3
_CIsqrt
memcpy
memset

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e38f9ac27bd96674d9aab048768f44e7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msvcp90

d3d9

winmm

wininet

msvcr90

advapi32

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 40KB - Virtual size: 51KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 40KB - Virtual size: 51KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 21KB - Virtual size: 21KB