d6bdad0104bd8bc7ae562ad07923b9ca

Sharing

Copy URL

Twitter E-mail

General

Target

d6bdad0104bd8bc7ae562ad07923b9ca
Size

423KB
MD5

d6bdad0104bd8bc7ae562ad07923b9ca
SHA1

4b1281afb70a124314e8a281cb0d5e0f7147d8a4
SHA256

f93fdc7fed9aecfc861830b875d2da0eb4a2161464d947fc850c71bc319325f1
SHA512

4b6a6951baec3ac18034e772efc09fe3522c08f6ece5d71cb125c1de475b54ebc9d2200d85550d757cf4f9d77a43261099e04179c8be263835ac32a8ef6ea10f
SSDEEP

12288:kEO2+gCVqdFOzidIQpRyyHPSxdFnQ5rj4A+:kEOvZVqdByQpLqZQtj4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6bdad0104bd8bc7ae562ad07923b9ca

Files

d6bdad0104bd8bc7ae562ad07923b9ca
.exe windows:4 windows x86 arch:x86

888ccd1d90b724c2257bf268afaa54eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

InternalExtractIconListW
ShellExecuteExA
SHGetFileInfo

wininet

InternetTimeFromSystemTimeA
InternetFortezzaCommand

user32

OemToCharA
WaitForInputIdle
CharToOemBuffW
GetClipboardOwner
LoadAcceleratorsA
ScrollDC

comdlg32

ChooseColorW
LoadAlterBitmap
ReplaceTextW

kernel32

GetLocaleInfoA
GetSystemInfo
QueryPerformanceCounter
FreeEnvironmentStringsW
RtlUnwind
GetCurrentProcess
WriteFile
GetFileType
GetCurrentThreadId
GetEnvironmentStringsW
HeapSize
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetProcAddress
EnumSystemLocalesA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapReAlloc
GetTimeZoneInformation
TerminateProcess
ExitProcess
LoadLibraryExW
LeaveCriticalSection
GetModuleFileNameA
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
SetLastError
HeapCreate
VirtualQuery
TlsFree
InterlockedExchange
GetEnvironmentStrings
TlsSetValue
IsBadWritePtr
GetCurrentProcessId
GetCurrentThread
GetLastError
SetHandleCount
DeleteCriticalSection
GetStartupInfoA
HeapFree
GetModuleHandleA
LoadLibraryA
EnterCriticalSection
VirtualProtect
GetStringTypeA
LCMapStringW
GetUserDefaultLCID
GetVersionExA
IsValidLocale
ReadConsoleInputW
GetACP
GetTimeFormatA
CompareStringW
GetDateFormatA
GetOEMCP
GetCommandLineA
GetTickCount
GetLocaleInfoW
HeapDestroy
GetStringTypeW
InitializeCriticalSection
TlsAlloc
VirtualAlloc
CompareStringA
HeapAlloc
TlsGetValue
IsValidCodePage
GetCPInfo
LCMapStringA

gdi32

CombineTransform
GetKerningPairs
SetBrushOrgEx
SetStretchBltMode
CreateColorSpaceW
FloodFill
CreateDCW
SetAbortProc
GetMetaFileBitsEx
GetCharacterPlacementW
GetRgnBox
GetKerningPairsA
GetMetaFileA
EnumFontFamiliesA

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

888ccd1d90b724c2257bf268afaa54eb

Headers

File Characteristics

Imports

shell32

wininet

user32

comdlg32

kernel32

gdi32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 7KB - Virtual size: 32KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 7KB - Virtual size: 32KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 6KB - Virtual size: 6KB