55443ed858b5ed3bba88240cf780982a

Sharing

Copy URL Twitter E-mail

General

Target

55443ed858b5ed3bba88240cf780982a
Size

976KB
MD5

55443ed858b5ed3bba88240cf780982a
SHA1

207ca494f6e4a6717e4f54e9932eb255fb2bb0af
SHA256

dc40fd8acacaecd4c4deeae74f8b5988ad6d350b4ad07d727d0b3ee202078401
SHA512

afe62bf74f84c78568518649c1181e1c646e275176c5088e218f16f2ec0d8c252a9d1425df125b452d610f3f17f0c9be2f324fa5bf5622ce93237b6033317083
SSDEEP

6144:8Ron9XHDMAO7oDwL9QjSLdYZc8Gz1TwNbZx/bCHfYPiwwP+hY3FMrRTsF:oonVHwab6dsc8C1TabZxzC/YPiw7XJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55443ed858b5ed3bba88240cf780982a

Files

55443ed858b5ed3bba88240cf780982a
.exe windows:4 windows x86 arch:x86

dd6fe85a29ded60ffd806047eb15e294

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetSystemTime
CreateThread
WinExec
GetModuleHandleA
WriteProcessMemory
VirtualFreeEx
lstrcpyW
ReadProcessMemory
VirtualAllocEx
GetComputerNameA
GetPrivateProfileSectionNamesA
SetEndOfFile
GetLogicalDriveStringsA
DeviceIoControl
CancelIo
GetDriveTypeA
WaitForMultipleObjects
CreatePipe
GetStdHandle
DuplicateHandle
ReleaseMutex
CreateMutexA
HeapFree
GetEnvironmentVariableA
lstrcpyA
GetProcessHeap
CreateToolhelp32Snapshot
ProcessIdToSessionId
OpenProcess
Process32Next
HeapAlloc
SizeofResource
LoadResource
FindResourceA
WaitForSingleObject
LockResource
Process32First
SetFileAttributesA
MoveFileA
WriteFile
GetCurrentThreadId
SetUnhandledExceptionFilter
VirtualQuery
ExitProcess
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocaleInfoA
SetEnvironmentVariableA
GetTickCount
LocalAlloc
SetLastError
GetLastError
GetCurrentProcess
LocalFree
EnterCriticalSection
GetStartupInfoA
LoadLibraryA
CopyFileA
ResetEvent
RemoveDirectoryA
GetCurrentDirectoryA
GetProcAddress
LeaveCriticalSection
SetFilePointer
SetThreadPriority
GetCommandLineA
UnhandledExceptionFilter
TlsGetValue
CompareStringW
GetVersionExA
SetEvent
UnmapViewOfFile
MapViewOfFile
WideCharToMultiByte
MultiByteToWideChar
OpenFileMappingA
GetCurrentThread
FreeLibrary
DeleteFileA
GetThreadPriority
DeleteCriticalSection
CloseHandle
CreateProcessA
GlobalAlloc
GlobalLock
CreateEventA
FindNextFileA
GetFileSize
GlobalUnlock
InitializeCriticalSection
FindClose
CreateFileA
GetTempFileNameA
GetTempPathA
FindFirstFileA
Sleep
CreateDirectoryA
GlobalFree
ReadFile
GetFileAttributesA
GetPrivateProfileIntA
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
TerminateProcess
IsDebuggerPresent
RaiseException
HeapSize
GetCPInfo
GetACP
GetOEMCP
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStringTypeW
GetStringTypeA
RtlUnwind
HeapReAlloc
VirtualAlloc
GetEnvironmentStringsW
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetSystemTimeAsFileTime

advapi32

RegCloseKey
RegOpenKeyExA
OpenProcessToken
SetSecurityDescriptorDacl
RegSetKeySecurity
GetSidSubAuthority
GetSidLengthRequired
LookupPrivilegeValueA
InitializeSid
RegCreateKeyExA
GetAce
RegRestoreKeyA
InitializeAcl
RegQueryValueExA
RegSaveKeyA
AdjustTokenPrivileges
InitializeSecurityDescriptor
AddAccessAllowedAce
SetFileSecurityA
RegSetValueExA
RegEnumValueA
DuplicateTokenEx
RegOpenKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA

comctl32

CreateToolbarEx
_TrackMouseEvent
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy
PropertySheetA
ord17

gdi32

DeleteDC
SelectObject
DeleteObject
GetStockObject
CreateDIBitmap
CreateFontA
CreateFontIndirectA
SetTextColor
GetCurrentObject
TextOutA
CreateSolidBrush
GetTextExtentPoint32A
CreateCompatibleDC
BitBlt
CreatePen
CreateCompatibleBitmap
ExtTextOutA
SetBkMode
SetTextAlign
MoveToEx
LineTo
CreateFontIndirectW
CreateDIBSection
CreatePatternBrush
StretchBlt
GetObjectA

msacm32

acmFormatEnumA
acmDriverEnum
acmDriverOpen
acmFormatDetailsA
acmFormatTagEnumA
acmDriverClose
acmDriverDetailsA
acmStreamOpen
acmStreamSize
acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader
acmStreamPrepareHeader

ole32

CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
CoInitialize
CoCreateInstance

oleaut32

OleLoadPicturePath
OleLoadPicture
VariantClear
SysAllocString
VariantInit
SysFreeString

shell32

SHChangeNotify
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA
SHBrowseForFolderA

shlwapi

SHDeleteEmptyKeyA
SHDeleteKeyA

user32

SetPropA
GetPropA
GetWindowDC
GetSysColor
LoadCursorA
GetKeyState
GetKeyNameTextA
MapVirtualKeyA
GetClipboardData
CloseClipboard
DialogBoxIndirectParamA
GetDesktopWindow
CallWindowProcA
RemovePropA
MapDialogRect
IsClipboardFormatAvailable
OpenClipboard
GetMessageA
SetMenuDefaultItem
CreateDialogParamA
TranslateMessage
ScreenToClient
IsWindow
AppendMenuA
CreatePopupMenu
DrawIconEx
DrawTextA
FrameRect
SetScrollPos
FillRect
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
DrawFocusRect
GetIconInfo
DrawEdge
GetWindowTextA
DrawStateA
InflateRect
EndDialog
PeekMessageA
EnableWindow
ClientToScreen
GetDlgCtrlID
GetWindowPlacement
EndPaint
BeginPaint
FindWindowExA
SetForegroundWindow
FlashWindowEx
SetWindowPos
SetMenuItemInfoA
PostQuitMessage
GetMenu
InsertMenuA
SetWindowPlacement
GetWindowThreadProcessId
InsertMenuItemA
IsZoomed
wsprintfW
GetSysColorBrush
LoadIconA
SetActiveWindow
UpdateWindow
IsWindowVisible
CheckMenuItem
IsIconic
GetFocus
GetClassNameA
GetDlgItemInt
MsgWaitForMultipleObjects
DispatchMessageA
WaitForInputIdle
ReleaseDC
FindWindowA
SetScrollInfo
SetCursor
SetWindowLongA
GetScrollInfo
GetCursor
CreateWindowExA
IsDialogMessageA
SendMessageA
SetTimer
PostMessageA
SetWindowTextA
SetFocus
KillTimer
GetClientRect
DestroyMenu
MessageBoxA
TrackPopupMenu
GetCursorPos
GetDlgItem
DestroyWindow
LoadMenuA
MoveWindow
GetParent
DialogBoxParamA
GetDlgItemTextA
GetSubMenu
SendDlgItemMessageA
ShowWindow
GetWindowRect
EnableMenuItem
SetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
DefWindowProcA
GetWindowLongA
GetDC
SendMessageTimeoutA
LoadImageA
RegisterClassA
DestroyIcon
InvalidateRect

winmm

waveOutOpen
waveOutRestart
waveOutPause
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutWrite
waveOutGetNumDevs
waveInGetNumDevs

ws2_32

WSACleanup
inet_addr
htons
gethostbyname
closesocket
WSAStartup
recv
connect
ioctlsocket
send
WSAGetLastError
__WSAFDIsSet
select
socket

Sections

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 564KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd6fe85a29ded60ffd806047eb15e294

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

msacm32

ole32

oleaut32

shell32

shlwapi

user32

winmm

ws2_32

Sections

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 308KB - Virtual size: 486KB

.rsrc Size: 564KB - Virtual size: 564KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 308KB - Virtual size: 486KB

.rsrc
Size: 564KB - Virtual size: 564KB