b6df9f2c6a7cdb83f05856f20e77fc2f7ea777cd9827ccbde58562428d271076[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b6df9f2c6a7cdb83f05856f20e77fc2f7ea777cd9827ccbde58562428d271076.exe
Size

562KB
MD5

249ec6b5a058675562ef15bf46fed1f8
SHA1

afef8701eb8f1b4f411ed0a0dde04ca09d086ea3
SHA256

b6df9f2c6a7cdb83f05856f20e77fc2f7ea777cd9827ccbde58562428d271076
SHA512

8b21b80a97230dd8e76ccb5c7d287c4abe5b593b996fd0ad0674a58dbca91bc079354e815df8638baf97608ef6d884c0165edaf4ebba11bbf307399ffd746365
SSDEEP

12288:cgSN5xq+jiIm+pCgHtOLtQnRmXz4ghN9Qh/DH:e5xqtIm+FtGWnoMghH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6df9f2c6a7cdb83f05856f20e77fc2f7ea777cd9827ccbde58562428d271076.exe

Files

b6df9f2c6a7cdb83f05856f20e77fc2f7ea777cd9827ccbde58562428d271076.exe
.exe windows:5 windows x86 arch:x86

Password: infected

3f146c641ef41fa6150b3597404b789c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetFontLanguageInfo
GetGraphicsMode
GetMapMode
GetTextAlign
GetStretchBltMode
SetTextCharacterExtra
SetSystemPaletteUse
UpdateColors
GetTextColor
GetFontUnicodeRanges
GetClipRgn
GetBkColor
SetTextColor
GetNearestPaletteIndex
GetTextCharacterExtra
GetSystemPaletteUse
SetTextAlign
GetObjectType
GetTextCharset
SetTextJustification
SetPixel
GetPixelFormat

user32

GetWindowDC
GetScrollPos
GetKeyboardType
GetMenu
GetWindowLongA
ShowWindow
GetDC
GetDialogBaseUnits
GetForegroundWindow
EndPaint
GetWindowContextHelpId
GetMenuState
LoadIconA
IsWindowUnicode
GetInputState
IsWindowEnabled
GetPropA
BeginPaint
GetQueueStatus
GetDlgItemInt
PostMessageA
CallWindowProcA
GetMenuItemCount
RemovePropA
GetCursor
SetFocus
CheckDlgButton
EndDialog
GetMenuCheckMarkDimensions
WindowFromDC
DrawTextA
GetDlgItem

kernel32

SetEnvironmentVariableA
SetEndOfFile
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
HeapSize
GetFileAttributesExW
CreateFileW
WriteConsoleW
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
LoadLibraryExW
FreeLibrary
SetConsoleCtrlHandler
GetFileTime
SetFilePointer
GetDriveTypeA
GlobalAlloc
LockResource
IsDebuggerPresent
GetCurrentProcessId
LoadResource
GetLastError
MoveFileA
GlobalSize
GetVersion
GetProcAddress
GetCurrentThreadId
DeleteFileA
GetStdHandle
SizeofResource
GlobalFlags
GlobalHandle
GetFileType
GetCurrentProcess
GetModuleHandleA
GetTickCount
FindResourceA
FindClose
IsProcessorFeaturePresent
LocalFlags
CloseHandle
HeapFree
HeapAlloc
HeapReAlloc
ReadFile
DuplicateHandle
CreateProcessA
Beep
Sleep
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetProcessHeap
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
SetLastError
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
SetFilePointerEx
GetConsoleMode
ReadConsoleW
DeleteCriticalSection
GetStartupInfoW
RaiseException
DeleteFileW
FlushFileBuffers
GetConsoleCP
FatalAppExitA
RtlUnwind
WaitForSingleObject
GetExitCodeProcess
CreatePipe
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateSemaphoreW
GetFullPathNameA

Sections

.text
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

3f146c641ef41fa6150b3597404b789c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 500KB - Virtual size: 500KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 24KB - Virtual size: 94KB

.text
Size: 500KB - Virtual size: 500KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 24KB - Virtual size: 94KB