c6c004b67c238b6e4604eaf0ae4b84f0

Sharing

Copy URL Twitter E-mail

General

Target

c6c004b67c238b6e4604eaf0ae4b84f0
Size

83KB
MD5

c6c004b67c238b6e4604eaf0ae4b84f0
SHA1

68ba2c700b829dd52793401fd2b6596f0b10bfdf
SHA256

e901e18409ce2dcb62cddacf7c0a86365ec09a860196ec4c8eea9920a1fb838c
SHA512

d2ccf71cf76221a9cd75ba29e2942f0ada41de5f2d803d1aca512cf1a952717a4a8c9a54f66806bc15e3a85e7ba1243a52ffc7604c4d1ed84847636964b24667
SSDEEP

1536:w4VEJWluWdyH5Czt/clzZq6JqSCS+KVIfO0CDReKeL:zybQyH5CZEhY6JqSCwV+/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6c004b67c238b6e4604eaf0ae4b84f0

Files

c6c004b67c238b6e4604eaf0ae4b84f0
.exe windows:5 windows x86 arch:x86

c045ac823760ea4d7de5a10f5d908949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Class_Key_NameA
CM_Get_Device_Interface_Alias_ExA
CM_Setup_DevNode
CM_Get_Device_ID_List_ExA
CM_Connect_MachineW
CM_Get_Res_Des_Data_Size_Ex
CM_Locate_DevNode_ExA
CM_Free_Log_Conf_Handle
CM_Is_Dock_Station_Present
CM_Set_HW_Prof_Ex
CM_Modify_Res_Des_Ex
CM_Delete_Class_Key_Ex
CM_Detect_Resource_Conflict_Ex
CM_Find_Range

usp10

ScriptPlace
ScriptStringGetOrder
ScriptString_pcOutChars
ScriptGetLogicalWidths
ScriptIsComplex
ScriptStringGetLogicalWidths
ScriptCPtoX
ScriptFreeCache
ScriptLayout
ScriptStringAnalyse
ScriptItemize
UspAllocCache

user32

AnyPopup
OemToCharW
RegisterClassExW
CtxInitUser32
RegisterSystemThread
DrawTextW
GetFocus
DrawStateW
DialogBoxParamA
DrawFocusRect
DdeQueryConvInfo
GetClassWord
GetUserObjectInformationW
EnumChildWindows
GetWindowPlacement
WinHelpA
SetKeyboardState
LoadCursorA

kernel32

IsDBCSLeadByteEx
GetPrivateProfileStructW
EnumDateFormatsExA
GetConsoleAliasA
Process32Next
LoadLibraryA
GetConsoleAliasesA
TlsAlloc
GetBinaryTypeW
GetVDMCurrentDirectories
SetConsoleFont
VirtualAlloc
SetSystemTimeAdjustment
FindActCtxSectionStringA
Beep
GetPrivateProfileSectionA
GetCommandLineW
GetCommState

rasapi32

RasGetEntryPropertiesA
RasEditPhonebookEntryW
RasRenameEntryW
RasScriptReceive
RasHangUpA
RasSetEntryDialParamsW
RasSetCredentialsA
RasEnumEntriesA
RasSetSubEntryPropertiesW
RasSetCredentialsW
DwCloneEntry
RasSetEntryDialParamsA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c045ac823760ea4d7de5a10f5d908949

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

usp10

user32

kernel32

rasapi32

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 23KB - Virtual size: 28KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 252B

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 23KB - Virtual size: 28KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 252B