bfc6b7eae2c6a3915cd281c9d6ac47d84f958882a56ef5377f16d9f609e18c52N

Sharing

Copy URL

Twitter E-mail

General

Target

bfc6b7eae2c6a3915cd281c9d6ac47d84f958882a56ef5377f16d9f609e18c52N
Size

256KB
MD5

dddaee7ff6e47e9af878275a4dbd2c00
SHA1

f10d37850a8b6f309f594853a70ce173179718af
SHA256

bfc6b7eae2c6a3915cd281c9d6ac47d84f958882a56ef5377f16d9f609e18c52
SHA512

8e50dafd3bd560e1285737e03bd370bec9e76df0e8fa40ec919a9f475db0cea89ee74bf438524b935038ffebfe0b2faed9562a64cec187c2ce6a647c26e6db06
SSDEEP

6144:W0gNR0dkkjI1Slr+6OLhdq2ZTArF4AcAUgaAq:/gNGCGI18MVdq20R4ANUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc6b7eae2c6a3915cd281c9d6ac47d84f958882a56ef5377f16d9f609e18c52N

Files

bfc6b7eae2c6a3915cd281c9d6ac47d84f958882a56ef5377f16d9f609e18c52N
.exe windows:4 windows x86 arch:x86

6db891b1df486dbbb1642c14962f1c31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDeviceCaps
DeleteDC
SetTextColor
SetBkColor
SelectObject

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCloseKey

kernel32

VirtualAlloc
GetCommandLineA
ResetEvent
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
HeapCreate
IsValidCodePage
GetLocalTime
WideCharToMultiByte
CreateProcessA
SizeofResource
SetStdHandle
GetDiskFreeSpaceA
GetVersion
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
GetShortPathNameA
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
FindFirstFileW
CompareStringA
lstrcpyA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
WaitForMultipleObjects
DeleteFileW
SetEvent
GetStartupInfoW
GetEnvironmentVariableA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
GetProcAddress
GetCurrentThreadId
GlobalAlloc
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
LeaveCriticalSection
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetExitCodeProcess
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

VariantClear
SysAllocStringLen
SysFreeString
VariantInit
SysStringLen

user32

ScreenToClient
SetCursor
GetDlgItem
GetSubMenu
SetWindowTextA
ReleaseCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
SetFocus
DispatchMessageA
IsWindowVisible
CreateWindowExA
GetWindowLongA
SetWindowLongA
IsIconic
LoadStringA
IsWindowEnabled
TranslateMessage
LoadCursorA
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetActiveWindow
ReleaseDC
GetCursorPos
GetDC
IsWindow
LoadBitmapA
PostQuitMessage
DestroyMenu
SetForegroundWindow
InvalidateRect
wsprintfA
GetClientRect
CallWindowProcA
SendMessageA
GetDesktopWindow
EndDialog
MessageBoxA
SetWindowPos
EnableMenuItem
FillRect

msvcrt

_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_cexit
_controlfp
__p__commode

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db891b1df486dbbb1642c14962f1c31

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

ole32

oleaut32

user32

msvcrt

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB