6f32723b4121cc669ef520e0504fd5fcd41b875ca6fae89fc97f312b585a0027

Sharing

Copy URL

Twitter E-mail

General

Target

6f32723b4121cc669ef520e0504fd5fcd41b875ca6fae89fc97f312b585a0027
Size

1.9MB
MD5

cd659067233f8c39700456980aadd8cc
SHA1

d85100c2f7d9ebff411914d44e7b23629c53efbb
SHA256

6f32723b4121cc669ef520e0504fd5fcd41b875ca6fae89fc97f312b585a0027
SHA512

d3786d7b68ffcbdc2cb212fed087ad343b7f09b621ba4f9e6cc10f1d028ca95152f964ee9b11dafccb1074dfe7cc5740735d70e2563f973c5d4bebbf191a0cc7
SSDEEP

49152:IR6VITmhtzrOvaH68BUeVq7god13c8SMsiB5vQOR6+OQfq4xOhMn:U60mhtzrWaH68BUeo13c8SMsiB9xOhMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f32723b4121cc669ef520e0504fd5fcd41b875ca6fae89fc97f312b585a0027

Files

6f32723b4121cc669ef520e0504fd5fcd41b875ca6fae89fc97f312b585a0027
.exe windows:6 windows x86 arch:x86

50cdb1b392e09bc322ca35e8f4935cd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
ReleaseSemaphore
SearchPathW
GlobalGetAtomNameW
GetTickCount
TerminateJobObject
GetProcessHeap
LoadLibraryA
GetConsoleWindow
ReadConsoleInputA
PeekConsoleInputA
HeapAlloc
MoveFileExA
GetNumberOfConsoleInputEvents
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
GetStringTypeW
EnumSystemLocalesEx
IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
GetLocaleInfoEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
HeapSize
LoadLibraryW
OutputDebugStringW
WriteConsoleW
SetFilePointerEx
SetStdHandle
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetLastError
AreFileApisANSI
MultiByteToWideChar
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FatalAppExitA
HeapFree
Sleep
CloseHandle
FlushFileBuffers
GetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetFileType
InitOnceExecuteOnce
RtlUnwind
ReadFile
ReadConsoleW
SetFilePointer
DeleteFileW
MoveFileExW
GetModuleFileNameW
InterlockedExchange
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
SetConsoleMode

wsnmp32

ord906

crypt32

CertGetEnhancedKeyUsage

ole32

CreateAntiMoniker
OleSetAutoConvert
StringFromIID
HMETAFILE_UserUnmarshal
OleRegGetMiscStatus
RegisterDragDrop
CreateStreamOnHGlobal

shell32

ShellExecuteA
FindExecutableA
SHGetFileInfo

pdh

PdhOpenLogW
PdhBrowseCountersW

winmm

waveOutBreakLoop
midiInPrepareHeader
mmioGetInfo
joyGetPosEx
mixerMessage
waveInUnprepareHeader
mmioAdvance
mmioRenameA

user32

ShowWindow

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50cdb1b392e09bc322ca35e8f4935cd6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsnmp32

crypt32

ole32

shell32

pdh

winmm

user32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB