c6bce8226f407a5eb97b98eb46a1be61

Sharing

Copy URL Twitter E-mail

General

Target

c6bce8226f407a5eb97b98eb46a1be61
Size

73KB
MD5

c6bce8226f407a5eb97b98eb46a1be61
SHA1

a98561f4dabfb84eda1e21050ddee769c629249a
SHA256

6c22a4ea83be23517faaebdfa5c4c62382ad78365a2e943bc6d0ecd0f32291ac
SHA512

bd19cb472e191b21266dbcef9e422bbd058435619d8e6659472503058a5e8c339bcbcb6ddfe602054aec1faa713863c185c3cb53ced6c6510e5b10f79b81cbee
SSDEEP

1536:Nlo728JRHTO9fb6zYkH7sIAKNzRAaVyGhRAykS:NloS8zHTONrkwAzhVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6bce8226f407a5eb97b98eb46a1be61

Files

c6bce8226f407a5eb97b98eb46a1be61
.exe windows:4 windows x86 arch:x86

3c95ba607313a11ebdcdd13b2b2c6a21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
TlsFree
SetFileAttributesW
QueryPerformanceCounter
WriteFile
lstrlenW
GetSystemTimeAsFileTime
FindFirstFileW
CompareStringW
FindClose
VirtualProtect
SetLastError
LoadLibraryW
GetFileInformationByHandle
EnterCriticalSection
GetStringTypeW
TlsGetValue
LocalFileTimeToFileTime
GetFileTime
GetFileType
GlobalUnlock
HeapFree
HeapSize
GetUserDefaultLCID
LocalLock
GetDiskFreeSpaceA
SetEndOfFile
DisableThreadLibraryCalls
LocalReAlloc
LocalUnlock
GetCommandLineA
DeleteFileW
RtlUnwind
WaitForSingleObject
SizeofResource
SetUnhandledExceptionFilter
GlobalAlloc
GetTickCount
VirtualFree
InterlockedCompareExchange
CreateDirectoryW
GetFileAttributesW
GetLastError
GetCurrentProcessId
GetLocaleInfoW
RaiseException
LocalSize
IsValidLocale
MulDiv
FreeLibrary
TlsSetValue
GetDateFormatA
FreeEnvironmentStringsW
FindFirstFileA
lstrlenA
CreateFileA
GetVersionExW
SearchPathW
GetPrivateProfileStringA
InterlockedIncrement
TerminateProcess
HeapReAlloc
FoldStringW
LocalFree
TlsAlloc
lstrcpyW
GetCurrentProcess
UnhandledExceptionFilter
FindResourceA
lstrcatA
DeleteCriticalSection
GetFileSize
OpenMutexA
ReadFile
CreateFileMappingW
GetModuleFileNameA
GetCPInfo
WideCharToMultiByte
DebugBreak
GetLocalTime
MapViewOfFile
VirtualQuery
IsDebuggerPresent
lstrcpynW
Sleep
GetTimeFormatA
GetModuleHandleW
LocalAlloc
VirtualAlloc
LCMapStringA
lstrcatW
GetOEMCP
GetComputerNameW
FlushFileBuffers
GetStartupInfoA
GetCurrentThreadId
ExitProcess
InterlockedDecrement
GetVersion
GetVersionExA
CreateFileW
FormatMessageW
LoadLibraryExW
GetUserDefaultUILanguage
GetDateFormatW
lstrcmpiW
LoadLibraryA
MultiByteToWideChar
GlobalLock
ExitThread
GetStdHandle
GetTimeZoneInformation
SetHandleCount
GlobalFree
GetTimeFormatW
GetACP
CloseHandle
HeapAlloc
UnmapViewOfFile
lstrcmpW
WriteConsoleA
SetFileTime
GetLocaleInfoA
FindResourceW
GetProcAddress
GetModuleHandleA
GetCommandLineW

user32

GetSystemMenu
UnregisterClassW
GetWindowRect
SetActiveWindow
MoveWindow
GetWindowLongW
GetMenu
LoadCursorW
DrawTextExW
ClientToScreen
DialogBoxParamW
LoadIconW
CloseClipboard
DrawIcon
IsDialogMessageW
GetDlgCtrlID
DestroyWindow
wsprintfW
OpenClipboard
MessageBoxW
TranslateMessage
PostMessageW
GetFocus
IsChild
SetWinEventHook
TranslateAcceleratorW
InvalidateRect
GetWindowPlacement
FillRect
RegisterClassExW
SetWindowTextW
GetParent
GetWindowTextW
SendMessageW
LoadAcceleratorsW
GetDC
EndDialog
MessageBeep
GetNextDlgTabItem
WinHelpW
ChildWindowFromPoint
RegisterWindowMessageW
SetScrollPos
EnableMenuItem
LoadStringW
GetDlgItemTextW
IsIconic
LoadImageW
GetClientRect
SetTimer
SetDlgItemTextW
SetCursor
SetWindowPlacement
GetSystemMetrics
GetSubMenu
GetMessageW
ReleaseDC
EnableWindow
IsClipboardFormatAvailable
DefWindowProcW
SendDlgItemMessageW
UnhookWinEvent
SetWindowLongW
PostQuitMessage
GetCursorPos
ScreenToClient
UpdateWindow
CheckMenuItem
GetKeyboardLayout
GetMenuState
GetDesktopWindow
CharUpperW
SetPropA
DispatchMessageW
PostMessageA
CharNextW
DestroyIcon
GetIconInfo
CreateDialogParamW
CallWindowProcW
GetForegroundWindow
SetFocus
CharLowerW
DefWindowProcA
GetMessageTime
GetDlgItem
ShowWindow
PeekMessageW
CreateWindowExW

msvcrt

__p__commode
__set_app_type
malloc
time
_acmdln
_initterm
_wtol
__getmainargs
exit
iswctype
wcsncpy
__p__fmode
isdigit
fclose
_controlfp
_c_exit
wcsncmp
_XcptFilter
_amsg_exit
??0exception@@QAE@XZ
_cexit
_CxxThrowException
_adjust_fdiv
memset
_lock
_snwprintf
__setusermatherr
localtime
_exit

comdlg32

PrintDlgExW
FindTextW
ReplaceTextW
ChooseFontW
GetSaveFileNameW
PageSetupDlgW
GetFileTitleW
GetOpenFileNameW
CommDlgExtendedError

gdi32

GetTextExtentPoint32W
EndDoc
SelectObject
SetBkMode
GetDeviceCaps
CreateFontIndirectW
LPtoDP
SetWindowExtEx
EnumFontsW
GetStockObject
StartDocW
GetObjectW
CreateDCW
AbortDoc
DeleteObject
SetMapMode
TextOutW
GetTextMetricsW
StartPage
SetViewportExtEx
SetAbortProc
GetTextFaceW
DeleteDC
EndPage

advapi32

RegQueryValueExW
IsTextUnicode
RegQueryValueExA
RegCreateKeyW
RegCloseKey
RegOpenKeyExA
RegSetValueExW

shell32

DragQueryFileW
ShellAboutW
DragAcceptFiles
DragFinish

comctl32

CreateStatusWindowW

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nxqljsi
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c95ba607313a11ebdcdd13b2b2c6a21

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

comdlg32

gdi32

advapi32

shell32

comctl32

winspool.drv

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 13KB - Virtual size: 25KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 31KB

nxqljsi Size: 21KB - Virtual size: 24KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 13KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 31KB

nxqljsi
Size: 21KB - Virtual size: 24KB