6ab6375168c89511ea6a70fadee99b53029b452cdd2a7ddf73f37a0ea9b52b4c

Sharing

Copy URL Twitter E-mail

General

Target

6ab6375168c89511ea6a70fadee99b53029b452cdd2a7ddf73f37a0ea9b52b4c
Size

136KB
MD5

108299f5436c63d6e7f0419079c8250c
SHA1

506fa2a25f4c006ef438873c2333f24add02cf86
SHA256

6ab6375168c89511ea6a70fadee99b53029b452cdd2a7ddf73f37a0ea9b52b4c
SHA512

5a56d9e41ee01e542c04c8b885c92f48775f1ad36f51c267031ac654090ed95d467d15e525acb4cd7059c7432b30fe48d04a9d4ce31313eb61dc25740f5a606c
SSDEEP

1536:hSM34Ws64FzTkIGNOx706b/r/TN/nBHFvu7+BxoGVaQOzGnyDQxG:AM3X0IUrtnBHo76xoGVvyGy0xG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ab6375168c89511ea6a70fadee99b53029b452cdd2a7ddf73f37a0ea9b52b4c

Files

6ab6375168c89511ea6a70fadee99b53029b452cdd2a7ddf73f37a0ea9b52b4c
.dll windows:4 windows x86 arch:x86

856f06dfc8114e8a47ab6cdd76cbf76f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetLastError
SetLastError
GlobalFlags
MulDiv
lstrlenA
lstrcpynA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GetLocalTime
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetCurrentDirectoryA
VirtualQuery
GetModuleHandleA
GetModuleFileNameA
GetPrivateProfileStringA
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FreeEnvironmentStringsW

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
UnregisterClassA
GetClassNameA
PtInRect
ClientToScreen
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
LoadStringA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
LoadIconA
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
PostMessageA
UpdateWindow
MessageBoxA
SendMessageA
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetKeyState

gdi32

GetDeviceCaps
GetStockObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
DeleteObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Exports

Exports

Abmcs
CreditTrans
CreditTransABC
PrintTicket
_GetCurPathForDll@4
_GetModulePath@0

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

856f06dfc8114e8a47ab6cdd76cbf76f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 11KB