6fd091f30457c5ed7ddca6a5c727c8a1ec286e38aa37bffc2930d6e1b8afe4c1

Sharing

Copy URL

Twitter E-mail

General

Target

6fd091f30457c5ed7ddca6a5c727c8a1ec286e38aa37bffc2930d6e1b8afe4c1
Size

566KB
MD5

210d7da53c2096bb05028d882527fa38
SHA1

8796183bee7500e79e4a75249c678badea1a6855
SHA256

6fd091f30457c5ed7ddca6a5c727c8a1ec286e38aa37bffc2930d6e1b8afe4c1
SHA512

98bdbe55a9ebe3b588d82006edcbdeebf87d0f6e0230e6102e591420da832142533bf748c3d234bf173ece9c44b11dc46b83c37e148de2704867fa7dad526479
SSDEEP

3072:X9NsRgJ4lPNO5AQ7MA5yhDFmowx+GVUfrj3Mf9SSJi:X9NkgJ4lPNO5AQoAAmeffcsSJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fd091f30457c5ed7ddca6a5c727c8a1ec286e38aa37bffc2930d6e1b8afe4c1

Files

6fd091f30457c5ed7ddca6a5c727c8a1ec286e38aa37bffc2930d6e1b8afe4c1
.exe windows:6 windows x86 arch:x86

33908ae3353547deb1a0ab6c7818d1ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
HeapFree
SetConsoleTextAttribute
GetStdHandle
CreateToolhelp32Snapshot
Sleep
GetTickCount64
Process32NextW
Process32FirstW
CloseHandle
HeapAlloc
GetCurrentProcessId
GetProcessHeap
UnhandledExceptionFilter
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

vcruntime140

memcpy
memset
__current_exception_context
__current_exception
_except_handler4_common
strstr

ws2_32

closesocket
gethostbyname
shutdown
WSASocketW
WSACleanup
htonl
WSAStartup
WSAGetLastError
setsockopt
ioctlsocket
sendto
getaddrinfo
recv
recvfrom
connect
socket
inet_addr
send

ucrtbase

_itoa
atoi
_set_new_mode
_configthreadlocale
__setusermatherr
exit
_crt_atexit
_seh_filter_exe
_set_app_type
_controlfp_s
_configure_narrow_argv
system
_get_initial_narrow_environment
_initterm
_initterm_e
_Exit
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_initialize_narrow_environment
_register_onexit_function
_initialize_onexit_table
fread
__acrt_iob_func
feof
fclose
_set_fmode
__p__commode
fseek
__stdio_common_vfprintf
fgets
fopen_s
fwrite
__stdio_common_vsprintf
strtok_s
_stricmp
_strnicmp
strncpy
_strupr
strtok
strncmp
strcat_s

Sections

.text
Size: 557KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SCY
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33908ae3353547deb1a0ab6c7818d1ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

ws2_32

ucrtbase

Sections

.text Size: 557KB - Virtual size: 560KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.SCY Size: 2KB - Virtual size: 4KB

.text
Size: 557KB - Virtual size: 560KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB

.SCY
Size: 2KB - Virtual size: 4KB