d6cd0a66aed87ffea3e70c1a0b69b085

Sharing

Copy URL Twitter E-mail

General

Target

d6cd0a66aed87ffea3e70c1a0b69b085
Size

321KB
MD5

d6cd0a66aed87ffea3e70c1a0b69b085
SHA1

bad82ffe0cfb847c67358547e5d245ea48146894
SHA256

715c64043e290aa8de775e191bfbe8e72e9ae3b11fe329d80cda162e2564c646
SHA512

48c349ab05914eb29ad57596ba5950cce7b43800abed02c28cdf83de76df537aa3374832fda07da542c5b4ab2811f9700ea71d4a64a35951655fd538f5691369
SSDEEP

6144:gf5cDJNlzGJ3tUf6y1UeKEGzyHgcIgRm6NskshiiSpFxBLwP:YcdNZdfX7GzyAORmG7IMnMP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6cd0a66aed87ffea3e70c1a0b69b085

Files

d6cd0a66aed87ffea3e70c1a0b69b085
.exe windows:4 windows x86 arch:x86

ec3119b32f8f6b87df8debfa6ff5a57d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

user32

DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
SetCapture
PeekMessageA
SetWindowPos
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetSubMenu
SetTimer
FillRect
DispatchMessageA
ReleaseDC
EndPaint
MoveWindow
BeginPaint
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetWindowLongA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
GetDesktopWindow
MessageBeep
GetClientRect
GetDC
IsWindow
PostQuitMessage
SetForegroundWindow
SetFocus
SetDlgItemTextA
MessageBoxA
DialogBoxParamA
GetSysColor
GetKeyState
SystemParametersInfoA
SetCursor
IsWindowVisible
GetFocus
InvalidateRect
SendMessageA
CallWindowProcA
EnableWindow

kernel32

GetEnvironmentVariableA
GetModuleFileNameW
SetLastError
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetCurrentThread
FormatMessageA
InterlockedDecrement
FindClose
FindFirstFileW
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetOEMCP
VirtualProtect
CompareStringW
GetUserDefaultLangID
GetSystemDefaultLCID
GetUserDefaultLCID
GetSystemDefaultLangID
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
SetEndOfFile
HeapDestroy
GetFileAttributesW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
LoadLibraryW
GetStringTypeA
InterlockedExchange
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
ResetEvent
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
IsValidCodePage
GetLocalTime
TlsGetValue
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
GetShortPathNameA
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
GetCurrentThreadId
FindNextFileW
GetModuleFileNameA
GetProcessHeap
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetVersion
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
lstrcmpiW
GetFullPathNameA

gdi32

SetBkMode
DeleteObject
SetTextColor
BitBlt
SetBkColor
CreateSolidBrush
CreateCompatibleDC

advapi32

RegDeleteValueW
RegDeleteKeyA
RegCloseKey

oleaut32

VariantInit
SysFreeString
SysAllocStringLen
SysStringLen
VariantClear
SysAllocString

msvcrt

_controlfp
_cexit
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_strcmpi

Sections

.text
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec3119b32f8f6b87df8debfa6ff5a57d

Headers

File Characteristics

Imports

ole32

user32

kernel32

gdi32

advapi32

oleaut32

msvcrt

Sections

.text Size: 310KB - Virtual size: 309KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 310KB - Virtual size: 309KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 3KB