6e6b12187728816bf314df24e40128c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6e6b12187728816bf314df24e40128c0N.exe
Size

496KB
MD5

6e6b12187728816bf314df24e40128c0
SHA1

0b38b8dc6292b44a547c6abb08991f615a8e60dd
SHA256

fad4ab46e6151e69c7f419db9b4d4df182b61d140df567cddacf8fa8636329c2
SHA512

209e5b3eb65d1608824c0f9cde4fa7da06dd5ce5ab896ec470bf3a2d1a6e632bcffa66db6ab5e7322225b9a17ad284688eb97aa1a1cbca6dbc380b897d9da906
SSDEEP

6144:R7KdVrHGNCde9MSWQ4FO3PfG6Xnf9mwc/S15JAUferkb5rcYd+Cy4OhpdLx:R7crHGNCsgge6Xn4O5JGkb5zQs4pdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e6b12187728816bf314df24e40128c0N.exe

Files

6e6b12187728816bf314df24e40128c0N.exe
.dll windows:6 windows x86 arch:x86

272a8e429cb72450b39de75ddf729a36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
LoadLibraryExW
CreateProcessA
GetUserDefaultLangID
GetSystemDefaultLangID
GetDriveTypeW
FreeLibrary
SetEnvironmentVariableW
Sleep
VirtualAlloc
VirtualProtect
VirtualQuery
GetSystemDefaultUILanguage
VerSetConditionMask
GetCommState
GlobalLock
GetSystemTimeAsFileTime
GetWindowsDirectoryA
ClearCommBreak
GetCommandLineA
IsProcessorFeaturePresent
TerminateProcess
SetThreadPriority
CreateNamedPipeA
IsValidCodePage
FindClose
CreateEventW
GetStringTypeW
FindFirstFileW
UnmapViewOfFile
QueryPerformanceCounter
GetLogicalDrives
SetCommState
GetVersion
RemoveDirectoryW
GetThreadTimes
SwitchToThread
SetEndOfFile
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
HeapReAlloc
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetModuleFileNameW
WriteFile
GetOEMCP
GetACP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
GetFileType
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetProcessHeap
TlsAlloc
WinExec
DeleteCriticalSection
IsDebuggerPresent
GetModuleHandleA
GetLocalTime
EnterCriticalSection
IsDBCSLeadByteEx
FileTimeToSystemTime
IsValidLocale
VirtualQueryEx
EnumCalendarInfoW
SetErrorMode
LockResource
GetPrivateProfileStringW
GetSystemTimeAdjustment
GetTickCount
CreateDirectoryW
GetCPInfo
DeviceIoControl
GetExitCodeThread
GetStartupInfoW
GetCurrentProcess
GetFileSize
CompareStringW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
GetLocaleInfoW
LCMapStringW
WideCharToMultiByte
EncodePointer
DecodePointer
LeaveCriticalSection
MultiByteToWideChar
GetLastError
HeapFree
GetCurrentThreadId
RaiseException
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress

user32

LoadStringA
CheckMenuRadioItem
EnableScrollBar
GetDlgCtrlID
GetWindowThreadProcessId
EndPaint
IsIconic
CreateIconIndirect
GetSysColorBrush
GetKeyboardType
DestroyMenu
PostMessageW
GetWindowTextW
SetWindowLongW
SetMenuItemInfoW
GetWindow
EnumChildWindows
ToUnicode
CharUpperBuffW
DrawFocusRect
CheckMenuItem
MessageBoxA
DrawTextExW
ModifyMenuW
GetDC
GetDesktopWindow
ValidateRgn
LoadMenuW

gdi32

SetViewportExtEx
GetRgnBox
SetWinMetaFileBits
StretchBlt
SetStretchBltMode
PlayEnhMetaFile
Arc
Ellipse
OffsetRgn
ExtCreateRegion
CloseEnhMetaFile
GetTextExtentPointW

comdlg32

FindTextW
GetSaveFileNameW

advapi32

RegGetKeySecurity
RegUnLoadKeyW
ChangeServiceConfigW
OpenServiceW
ControlService
RegQueryValueExW
RegConnectRegistryW
OpenSCManagerW

shell32

ShellExecuteW

oleaut32

SafeArrayGetLBound
VariantChangeType
VariantInit

Sections

.text
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

272a8e429cb72450b39de75ddf729a36

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 381KB - Virtual size: 380KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 20KB - Virtual size: 231KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 381KB - Virtual size: 380KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 20KB - Virtual size: 231KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB