6a1095d600f2853d75f55d5283612eb0N[.]exe

General

Target

6a1095d600f2853d75f55d5283612eb0N.exe
Size

270KB
MD5

6a1095d600f2853d75f55d5283612eb0
SHA1

6a4325520fd8ee783a1158836cd37a2b775c5959
SHA256

169622bd814e1abe2dc392ef813951f6b481f81ae41b00e497dbcbd372a37686
SHA512

4a3df7e2fc501374f43a56d4c764becd1648421d56463966dfa5480e8a9eb84d144d8940a3e78292cd04edf22b1ed8367b508fe983156fe3ea81eba104d3fb78
SSDEEP

6144:9Q35nVV8A85nSfKipSV1LCY+ZD/tAXPbOGEGGkLyes:9s5nVL85S3i5cD4PKGEG7yes

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a1095d600f2853d75f55d5283612eb0N.exe

Files

6a1095d600f2853d75f55d5283612eb0N.exe
.exe windows:4 windows x86 arch:x86

41fc393d494d1b95f0ecac98714edbff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FreeEnvironmentStringsA
GetStartupInfoA
AddAtomA
SetLastError
SetHandleCount
GetCurrentProcessId
GetOEMCP
UnhandledExceptionFilter
IsBadWritePtr
InterlockedExchange
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
HeapDestroy
SetEndOfFile
FreeEnvironmentStringsW
GetStdHandle
TlsSetValue
EnumResourceLanguagesA
GetSystemInfo
GetEnvironmentStrings
QueryPerformanceCounter
TlsAlloc
GetModuleFileNameA
GetACP
VirtualAlloc
TlsFree
GetDiskFreeSpaceW
WriteFile
GetCurrentProcess
GetEnvironmentStringsW
GetLocaleInfoA
VirtualQuery
GetVersionExA
TlsGetValue
TerminateProcess
HeapSize
GetFileType
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

GetDlgItem
EnumChildWindows
DestroyWindow
IsWindow
CreateWindowExW
SendMessageA
GetWindowThreadProcessId

Sections

.text
Size: 134KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41fc393d494d1b95f0ecac98714edbff

Headers

File Characteristics

Imports

kernel32

shell32

newdev

mprapi

iphlpapi

setupapi

user32

Sections

.text Size: 134KB - Virtual size: 277KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 277KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB