6107f6308661d627fb94e514133c40497c6e29ce6b5adfa6d0017d90bdd9d4b8

Sharing

Copy URL Twitter E-mail

General

Target

6107f6308661d627fb94e514133c40497c6e29ce6b5adfa6d0017d90bdd9d4b8
Size

268KB
MD5

1caf52ac0eb706a7f6140dd629a91fe2
SHA1

7d3f69be4abc749e2ed32109e8339360ebbea86e
SHA256

6107f6308661d627fb94e514133c40497c6e29ce6b5adfa6d0017d90bdd9d4b8
SHA512

3f3122479df4c812054a32322c5b02d595c2f278dc24a05c585c280503533d956d4ba8e7eb5936a75b9183616e7e939248be612f5c7e9c72e184b9eeee0cccd5
SSDEEP

6144:CmghAnXNLs49vf6DKgwW2ljipNDgigh6eD9d/:uhAG4Fgwrlu0X6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6107f6308661d627fb94e514133c40497c6e29ce6b5adfa6d0017d90bdd9d4b8

Files

6107f6308661d627fb94e514133c40497c6e29ce6b5adfa6d0017d90bdd9d4b8
.exe windows:5 windows x86 arch:x86

8a3b18ac892f7123b5be55486ecb586b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Gitlab-Runner\builds\8bd10b72\0\TFG\Mixin\bin\MixinSFX.pdb

Imports

kernel32

GetLocalTime
UpdateResourceW
MoveFileExW
GetFileSize
SystemTimeToFileTime
GetModuleHandleW
CopyFileW
WideCharToMultiByte
WinExec
BeginUpdateResourceW
SystemTimeToTzSpecificLocalTime
CreateFileMappingW
MapViewOfFile
GetCommandLineW
CreateMutexA
ReleaseMutex
OpenMutexA
Process32FirstW
GetCurrentProcessId
CreateProcessW
GetTickCount
GetComputerNameA
GetFileAttributesW
CreateDirectoryW
GetModuleFileNameA
SetLastError
InterlockedDecrement
FormatMessageW
OutputDebugStringW
LocalFree
GetFileTime
FindFirstFileW
FindNextFileW
RemoveDirectoryW
GetTempPathW
FindClose
FlushFileBuffers
FindResourceW
LockResource
FileTimeToSystemTime
Process32NextW
Sleep
MultiByteToWideChar
EndUpdateResourceW
CreateToolhelp32Snapshot
DecodePointer
WriteConsoleW
SetFileAttributesW
HeapSize
GetConsoleCP
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
SetStdHandle
GetStringTypeW
LCMapStringW
LoadResource
CreateThread
LoadLibraryW
CloseHandle
LocalAlloc
DeleteFileW
FreeResource
OpenFileMappingW
CreateFileW
SetFilePointer
GetProcessId
GetModuleFileNameW
OutputDebugStringA
WriteFile
GetCurrentProcess
CompareFileTime
SizeofResource
ReadFile
FreeLibrary
GetProcAddress
HeapAlloc
HeapFree
GetACP
GetStdHandle
GetFileType
GetFileAttributesExW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
DeviceIoControl
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
HeapReAlloc
GetLastError
RtlUnwind
RaiseException
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
SetFileTime
GetTempPathA
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryA
GetFileAttributesA
CreateFileA
GetEnvironmentVariableA
UnhandledExceptionFilter

user32

wsprintfW
SetWindowTextW
FindWindowW
BringWindowToTop
ShowWindow
DialogBoxParamW
SetWindowPos
GetWindowRect
PostMessageW
SetClassLongW
SetDlgItemTextW
LoadCursorW
SendMessageW
MessageBoxW
EndDialog
SetWindowLongW
GetDlgItem
GetSysColorBrush
LoadImageW
SetFocus
GetMessageW
RegisterClassExW
LoadAcceleratorsW
LoadStringW
DispatchMessageW
TranslateAcceleratorW
TranslateMessage
LoadIconW
PostQuitMessage
UpdateWindow
DefWindowProcW
GetSystemMenu
FindWindowExW
DestroyWindow
CreateWindowExW
CreatePopupMenu
TrackPopupMenu
MoveWindow
GetClientRect
AppendMenuW
SetForegroundWindow
GetCursorPos
MessageBoxA
GetDlgItemTextA

gdi32

SetTextColor
SetBkMode
GetObjectW
CreateFontIndirectW
GetStockObject

advapi32

GetSecurityDescriptorSacl
RegCreateKeyExA
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetUserNameA
RegCloseKey
RegCreateKeyExW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteW
SHGetFileInfoW
ShellExecuteExW
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA

ole32

OleRun
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantChangeType
VariantClear
GetErrorInfo
VariantCopy

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetSetOptionW

comctl32

CreateStatusWindowW
InitCommonControlsEx

ws2_32

gethostname
inet_ntoa
gethostbyname
WSAStartup
WSACleanup

shlwapi

PathFileExistsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a3b18ac892f7123b5be55486ecb586b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

comctl32

ws2_32

shlwapi

version

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 2KB - Virtual size: 34KB

.gfids Size: 512B - Virtual size: 308B

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 2KB - Virtual size: 34KB

.gfids
Size: 512B - Virtual size: 308B

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 10KB - Virtual size: 9KB