0055981ee6f5f0b24afdf18ee2c3a369b32252dbfea193e5981ee01b9431417a

Sharing

Copy URL Twitter E-mail

General

Target

0055981ee6f5f0b24afdf18ee2c3a369b32252dbfea193e5981ee01b9431417a
Size

433KB
MD5

950cc1158fefdbddd135e9124a73369a
SHA1

295b2416de2e999c543e6d67d77160240ef16ad4
SHA256

0055981ee6f5f0b24afdf18ee2c3a369b32252dbfea193e5981ee01b9431417a
SHA512

f339a337bca7dd83b1a3380d56701fe1ee1cd81772ec0e6ec23bcaadda13135ccb050fba0471d7d53bb1e252f19417b93e3053954ba7cf4c5396e2b90a1b24c5
SSDEEP

12288:pG7iYhy62NuCvYOZ9olerj4dxObKwtZ+n:pG7iYhy62ICvYOLoleP4dMbBZ+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0055981ee6f5f0b24afdf18ee2c3a369b32252dbfea193e5981ee01b9431417a

Files

0055981ee6f5f0b24afdf18ee2c3a369b32252dbfea193e5981ee01b9431417a
.exe windows x86

897924c2bd9a35252cc83a7ba77606a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsW
CreateDirectoryW
GetPrivateProfileStringW
WideCharToMultiByte
LoadLibraryW
FormatMessageW
GetVersionExW
ReadFile
GetProcAddress
FindClose
RemoveDirectoryW
lstrcmpiW
lstrcatW
FindNextFileW
DeleteFileW
GetVolumeInformationW
LocalSize
LocalFree
MultiByteToWideChar
FreeLibrary
GetProcessHeap
SetEndOfFile
CreateFileA
GetLocaleInfoW
LoadLibraryA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetDriveTypeW
FindFirstFileW
lstrcpyW
GetLastError
OpenMutexW
lstrlenW
CreateFileW
CreateMutexW
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
CloseHandle
SetCurrentDirectoryW
GetCurrentDirectoryW
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetFilePointer
ExitProcess
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleHandleA

user32

IsDlgButtonChecked
MoveWindow
SetWindowTextW
wvsprintfW
DialogBoxParamW
EnableWindow
LoadIconW
GetWindowLongW
GetWindowTextW
wsprintfW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
EndDialog
MessageBoxW
SendMessageW

comdlg32

GetSaveFileNameW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize

imm32

ImmReleaseContext
ImmSetOpenStatus
ImmGetContext
ImmGetOpenStatus

shlwapi

PathAppendW
PathIsDirectoryW

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

897924c2bd9a35252cc83a7ba77606a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

imm32

shlwapi

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 16KB

.rsrc Size: 264KB - Virtual size: 264KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 16KB

.rsrc
Size: 264KB - Virtual size: 264KB

.reloc
Size: 10KB - Virtual size: 10KB