6fea411030056e1bbb2ba278befca8d0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6fea411030056e1bbb2ba278befca8d0N.exe
Size

272KB
MD5

6fea411030056e1bbb2ba278befca8d0
SHA1

ed82a280615c256ec20121f30e6010b81058c530
SHA256

f86c92013f426e6bf8ffaeda98bccf626b1553f03fce37e72a613e2fd8cb58c1
SHA512

65b45c5f70123d51b020fbbe810e3a971504309ff89998cd5e417a817ea87a4b58cecf6461bc41e1b47b2a5e8a1d0d0e1901b1cde7f21b40d17c1e6b8742c921
SSDEEP

6144:heo1SuGt/s5zeAOcOX4d2jVHmsRXetM48JIBd:go1S3/UD0mY48yd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fea411030056e1bbb2ba278befca8d0N.exe

Files

6fea411030056e1bbb2ba278befca8d0N.exe
.exe windows:4 windows x86 arch:x86

6b0d25ae0205472b02d9b2d36ad5a519

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetTimeZoneInformation
FreeLibraryAndExitThread
lstrlenW
GetStartupInfoW
CompareStringA
HeapAlloc
LoadLibraryA
VirtualFree
SetEnvironmentVariableA
WriteFile
AllocConsole
FindFirstFileExA
GetCommandLineA
TlsSetValue
UnhandledExceptionFilter
GetACP
GetStringTypeW
GetSystemInfo
GetVersionExW
TlsFree
GetEnvironmentStringsW
GetTimeFormatA
GetFileType
GetEnvironmentStrings
HeapCreate
WideCharToMultiByte
GetStringTypeA
GetProcAddress
DeleteCriticalSection
GetStdHandle
HeapFree
GetProfileIntA
GetDateFormatA
GetEnvironmentStringsA
HeapDestroy
VirtualQuery
MultiByteToWideChar
HeapSize
SetLastError
GetCPInfo
InitializeCriticalSection
VirtualProtect
GetStartupInfoA
HeapReAlloc
LeaveCriticalSection
ExitProcess
CompareStringW
GlobalCompact
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidLocale
GetModuleHandleA
GetLocaleInfoW
IsBadWritePtr
IsValidCodePage
GetCurrentThreadId
TlsAlloc
GetUserDefaultLCID
GetCurrentThread
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
LCMapStringA
GetCommandLineW
InterlockedExchangeAdd
GetTickCount
GetVersionExA
FreeEnvironmentStringsA
GetLocaleInfoA
TlsGetValue
SetHandleCount
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringW
EnumSystemLocalesA
EnterCriticalSection
GetOEMCP
LocalShrink

comdlg32

ChooseColorA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorW
GetFileTitleW
ReplaceTextW
PrintDlgW
GetOpenFileNameA
PageSetupDlgW

wininet

FindFirstUrlCacheContainerA
GetUrlCacheEntryInfoExW
FindFirstUrlCacheEntryExW
GopherGetAttributeA

advapi32

CryptEnumProvidersW
LookupPrivilegeValueA
RegOpenKeyA
RegEnumValueW
RegDeleteKeyA
LookupPrivilegeNameW
RegCloseKey
LookupAccountNameW
CryptGetKeyParam
RegQueryValueW
RevertToSelf
RegReplaceKeyA
RegConnectRegistryW
CreateServiceW
AbortSystemShutdownA
RegSaveKeyW
ReportEventA
RegEnumKeyExW
LookupPrivilegeDisplayNameA
CryptGetProvParam
CryptDuplicateHash

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b0d25ae0205472b02d9b2d36ad5a519

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

advapi32

Sections

.text Size: 158KB - Virtual size: 157KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 1024B - Virtual size: 900B

.text
Size: 158KB - Virtual size: 157KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 1024B - Virtual size: 900B