6fadc758002ba92cc0f8551205d422fe1e6764dce622352b43abe7b4a67a2160

Sharing

Copy URL Twitter E-mail

General

Target

6fadc758002ba92cc0f8551205d422fe1e6764dce622352b43abe7b4a67a2160
Size

972KB
MD5

498eae68ebecb632060dbe60788968ff
SHA1

fda4d2bf1f38b0dab4186c5864891322c2c091a9
SHA256

6fadc758002ba92cc0f8551205d422fe1e6764dce622352b43abe7b4a67a2160
SHA512

5cbf8587692896d9404e32493134cc327762a07e6f67dc0b010aa9cc4cee87f4f397d4d2b7e7a7512090e3b08b84ad2ad338503553a2a4222cce13449f0ac834
SSDEEP

24576:69wB7b2wETGwY/Lsc6fI/ICdB9cmu9jKByKIx8CArEH79:ewB7b2wETG1/Lsc6fIldnC8IxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fadc758002ba92cc0f8551205d422fe1e6764dce622352b43abe7b4a67a2160

Files

6fadc758002ba92cc0f8551205d422fe1e6764dce622352b43abe7b4a67a2160
.exe windows:6 windows x86 arch:x86

0127ecebbf8b746949282c53d9b37318

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\TechnicalData\ZizonMacro Ultimate\Utility_Packet_Size\Test Source\Release\Test.pdb

Imports

kernel32

GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
HeapReAlloc
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
GetStringTypeW
GetCurrentThread
Sleep
GetEnvironmentStringsW
GetACP
FreeEnvironmentStringsW
GetFileSize
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
GetCommandLineA
WaitForSingleObjectEx
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
LoadLibraryA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
CloseHandle
DecodePointer
GetStdHandle
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetCommandLineW
GetModuleFileNameA
FreeLibrary
GetTickCount
GetLocalTime
GetExitCodeThread
CreateThread
GetCurrentProcess
WriteFile
SetFilePointer
ReadFile
HeapFree
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
InitializeSListHead
HeapAlloc
CreateFileA
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

UnregisterClassA
wsprintfA
ExitWindowsEx
SendMessageA
PostMessageA
DefWindowProcA
CreateWindowExA
DestroyWindow
ShowWindow
SetWindowPos
IsWindowVisible
CreateDialogParamA
DialogBoxParamA
GetCursorInfo
GetIconInfo
GetDesktopWindow
SetWindowLongA
ScreenToClient
ClientToScreen
GetCursorPos
MessageBeep
MessageBoxA
GetWindowRect
GetClientRect
SetWindowTextA
ReleaseDC
GetDC
GetForegroundWindow
DrawIcon
GetSystemMetrics
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBitmap
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetDIBits
SelectObject
GetObjectA
SetTextColor
StretchDIBits
SetBkColor
BitBlt

comdlg32

GetOpenFileNameA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
InternetOpenA

winmm

PlaySoundA

ws2_32

htons
ntohs
ntohl
htonl

imm32

ImmGetDefaultIMEWnd

hid

HidP_GetSpecificValueCaps
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetInputReport
HidD_SetOutputReport
HidP_GetCaps

setupapi

SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

ddraw

DirectDrawCreateEx

Sections

.text
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 75.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0127ecebbf8b746949282c53d9b37318

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

wininet

winmm

ws2_32

imm32

hid

setupapi

ddraw

Sections

.text Size: 478KB - Virtual size: 477KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 3KB - Virtual size: 75.2MB

.gfids Size: 512B - Virtual size: 408B

.rsrc Size: 319KB - Virtual size: 319KB

.reloc Size: 54KB - Virtual size: 53KB

.text
Size: 478KB - Virtual size: 477KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 3KB - Virtual size: 75.2MB

.gfids
Size: 512B - Virtual size: 408B

.rsrc
Size: 319KB - Virtual size: 319KB

.reloc
Size: 54KB - Virtual size: 53KB