550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc

Sharing

Copy URL Twitter E-mail

General

Target

550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc
Size

313KB
MD5

26995803275c7b58ce8df20af8f6f7f0
SHA1

d11c28b76b704871736999e0b1e89f9ae7664fc7
SHA256

550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc
SHA512

a83eb1929cbf326ebc683cfc9b2b1ecea022e424290ca9669e52fbecdb2c07cf374f527f252b4263b284a8b0b222f6191ed1114410fdc6a716ee7637dc180f54
SSDEEP

6144:5ZHnHj6FMFbMFqdx1vIr2K/QwlTzT7cEis:vHnHeFMVMQbdALl7wEi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc

Files

550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc
.exe windows:5 windows x86

779a5ec78eca6d1e0c613868f8238abd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetStdHandle
HeapSize
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
FlushFileBuffers
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CreateFileA
GetFileSize
ReadFile
lstrlenA
WriteFile
GetLastError
GetConsoleTitleA
GetCurrentProcessId
GetTickCount
SetConsoleTitleA
Sleep
lstrcpyA
GetProcAddress
LoadLibraryW
WideCharToMultiByte
lstrcmpiA
OpenProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStartupInfoA
GetCommandLineA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcatA
MultiByteToWideChar
GetProcessHeap
HeapAlloc
CreateEventA
SetConsoleCtrlHandler
CloseHandle
MapViewOfFile
WaitForSingleObject
HeapFree
GetModuleHandleA
HeapReAlloc
LoadLibraryA

user32

GetDlgItem
BeginPaint
GetWindow
GetScrollRange
GetScrollPos
InvalidateRect
PostQuitMessage
SetDlgItemTextA
MessageBoxA
DrawTextA
GetWindowLongA
DefDlgProcA
CreateWindowExA
DispatchMessageW
GetMessageW
GetDC
wvsprintfA
DefWindowProcA
SetWindowLongA
OffsetRect
MoveWindow
FindWindowA
wsprintfA
GetLayeredWindowAttributes
ReleaseDC
ShowWindow
CreateDialogParamA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SendMessageA
EndDialog
GetDlgItemInt
IsDlgButtonChecked
PostMessageA
DestroyWindow
SendDlgItemMessageA
LoadIconA
SetClassLongA
SetDlgItemInt
CheckDlgButton
RedrawWindow
GetClientRect
GetParent
GetSysColor
ClientToScreen
ScreenToClient
EndPaint

gdi32

CreateCompatibleDC
SetPolyFillMode
CreateFontA
CreateCompatibleBitmap
CreateBitmap
SetBkColor
BitBlt
SetTextColor
DeleteDC
DeleteObject
SetBrushOrgEx
SetTextJustification
PatBlt
GetStockObject
CreateDCA
SetBkMode
SelectObject
CreateFontIndirectA

comdlg32

ChooseFontA
GetOpenFileNameA
GetSaveFileNameA

advapi32

EnableTrace
DuplicateEncryptionInfoFile
DuplicateToken

ole32

CLSIDFromString
CoGetMalloc
StgOpenStorage
CreateBindCtx
MkParseDisplayName
CoDisconnectObject

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
SysFreeString
VariantInit

ws2_32

socket
WSACleanup
htons
inet_addr
WSAStartup

psapi

GetModuleFileNameExA

msi

ord92
ord152
ord77

avifil32

AVIStreamGetFrameClose
AVIStreamGetFrame
AVIStreamGetFrameOpen

avicap32

capGetDriverDescriptionA

winmm

timeGetTime

iphlpapi

GetAdaptersInfo

shlwapi

PathFindFileNameA
PathRelativePathToA
PathRemoveBackslashA

comctl32

ord413
ord17

pdh

PdhBrowseCountersA

opengl32

wglMakeCurrent

imm32

ImmAssociateContext

dbghelp

ImageNtHeader

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesA

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

779a5ec78eca6d1e0c613868f8238abd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

ws2_32

psapi

msi

avifil32

avicap32

winmm

iphlpapi

shlwapi

comctl32

pdh

opengl32

imm32

dbghelp

setupapi

wtsapi32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 143KB - Virtual size: 142KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 143KB - Virtual size: 142KB

.reloc
Size: 9KB - Virtual size: 9KB