a6edb02fe2266b711eed9fc9856db8cb61fa86332a900b650c5006364c056a68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6edb02fe2266b711eed9fc9856db8cb61fa86332a900b650c5006364c056a68
Size

7.0MB
MD5

7377b39b480ad92b8f21d1f694abe625
SHA1

3eaab997ee4de148d0f15e19c35562cd00a4b248
SHA256

a6edb02fe2266b711eed9fc9856db8cb61fa86332a900b650c5006364c056a68
SHA512

5d761afb12f97cb232e5ed83b617b99f35908356b6a90ac9045f3dc2985144f72f19710f3b5f665cf5c539fa7e4fc329433627438378490b143958b61f85296d
SSDEEP

98304:OqepPTl91Rk6Qf9MUF+fVGTbWuN+nKP1Y9wc59YIK1LPY7j8kEesNM2k7xTAp/fA:FeVU6I9FZTawdc4LLQHhEe5rCpHsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KunLauncher.exe

Files

a6edb02fe2266b711eed9fc9856db8cb61fa86332a900b650c5006364c056a68
.zip
KunLauncher.exe
.exe windows:6 windows x86 arch:x86

88999bf30328d60f9ed8c2d5572173df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep

advapi32

RegCloseKey

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

shell32

SHGetFolderPathW

Sections

.text
Size: 6.3MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
run KunLauncher.exe with path.bat