Static task
static1
Behavioral task
behavioral1
Sample
c6bd38869e553faf9fb7eaaa1c332f2f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c6bd38869e553faf9fb7eaaa1c332f2f.exe
Resource
win10v2004-20240226-en
General
Target
c6bd38869e553faf9fb7eaaa1c332f2f
Size
2.1MB
MD5
c6bd38869e553faf9fb7eaaa1c332f2f
SHA1
8f2361d0851a974c4ec28fc6c6307c8ff45eec8b
SHA256
e82ce38d84ef2cd91b21687f7f39f366c6441acbc99c126eb70407b525204631
SHA512
e2f4a993b683800e58d5957ff060f9c6721af0689c1515d71ea43739746ea17b1d5c32900b0c116c478509264ac5233c9497dd80a000efde3b0a965149f25b46
SSDEEP
49152:mTaZ3Idhz6jCMlgjGnOXs2qMDVciJa9eDeYC0i8:1azz6jVlg2QYEi9bi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c6bd38869e553faf9fb7eaaa1c332f2f
Files
c6bd38869e553faf9fb7eaaa1c332f2f.exe windows:4 windows x86 arch:x86
42d4255ef957c04efad1859c1cfb5e99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEvent
FatalAppExitA
PeekNamedPipe
SetStdHandle
GetTimeZoneInformation
WritePrivateProfileSectionA
VirtualLock
GetUserDefaultLangID
GetCommConfig
SetSystemTime
GetPrivateProfileSectionW
GetDriveTypeW
GetNumberFormatW
FindResourceExW
TlsGetValue
LoadLibraryExW
GetTempPathW
FreeLibraryAndExitThread
GetUserDefaultLCID
ReadDirectoryChangesW
FreeLibrary
DeleteFiber
ExitProcess
GlobalDeleteAtom
GetOverlappedResult
FreeEnvironmentStringsA
ExitThread
GetLargestConsoleWindowSize
DebugBreak
GetFileAttributesA
MoveFileExA
GetFullPathNameA
lstrcpynA
CreateDirectoryExA
CreateNamedPipeW
LocalLock
PrepareTape
LeaveCriticalSection
GetThreadPriority
VirtualQuery
GetAtomNameA
VirtualFree
SetCurrentDirectoryA
SetEnvironmentVariableW
DosDateTimeToFileTime
FindFirstFileW
_lread
FillConsoleOutputCharacterA
GetBinaryTypeW
ws2_32
htonl
WSAEnumProtocolsA
WSACloseEvent
WSARecvFrom
listen
WSACreateEvent
WSAAddressToStringW
WSAGetOverlappedResult
WSAIoctl
WSAEnumNameSpaceProvidersW
htons
user32
CloseWindow
UnhookWindowsHook
MapVirtualKeyA
FlashWindow
DrawTextExW
SendDlgItemMessageW
EnumChildWindows
IsWindowEnabled
SetPropA
MapWindowPoints
InvalidateRgn
SetPropW
CharNextA
IsCharUpperA
GetPropA
CharUpperBuffA
GetCursorPos
GetWindowInfo
DispatchMessageW
SystemParametersInfoA
advapi32
RegUnLoadKeyA
ImpersonateNamedPipeClient
UnlockServiceDatabase
IsValidAcl
ObjectCloseAuditAlarmA
RegSetValueA
OpenSCManagerW
RegQueryValueExW
SetFileSecurityW
ClearEventLogW
RegDeleteValueA
LogonUserW
LookupPrivilegeNameA
OpenProcessToken
GetSidSubAuthorityCount
DeleteService
SetServiceStatus
SetTokenInformation
MakeSelfRelativeSD
RegQueryInfoKeyW
SetFileSecurityA
AllocateAndInitializeSid
GetSidIdentifierAuthority
DuplicateTokenEx
CryptVerifySignatureA
CryptGenRandom
EnumDependentServicesW
RegQueryValueW
DestroyPrivateObjectSecurity
CryptGetProvParam
ReportEventA
GetAclInformation
EnumDependentServicesA
NotifyBootConfigStatus
QueryServiceConfigW
msvcrt
fgetc
localeconv
islower
_mbschr
qsort
_mbsnbcnt
_ltow
isalpha
isxdigit
_controlfp
ungetc
_getmbcp
strcoll
_write
_strnicoll
wscanf
isupper
_wcsicmp
wcstombs
free
atof
ctime
_popen
strcspn
remove
_isctype
vfwprintf
abort
vswprintf
rand
mbstowcs
swprintf
swscanf
_exit
_tempnam
_setmode
_eof
_wtoi
_getcwd
wcsncpy
_unlink
strerror
ferror
_wopen
_wgetenv
Sections
.text Size: 3KB - Virtual size: 219KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ