555016914b305a3a0f6c20ac58275258

Sharing

Copy URL Twitter E-mail

General

Target

555016914b305a3a0f6c20ac58275258
Size

159KB
MD5

555016914b305a3a0f6c20ac58275258
SHA1

e56a7d2ad3db35a69291e8ced2769c039dc4899f
SHA256

7d9157e937e116aea1fd8b5807a229492f551a7a2525c8c9dcd36d53f516805b
SHA512

3f2042e6ec1e0454634d676fa91e78102fb74864a8814751231d82850e3d5c2cc499b4e024a7ff3ec8952805e95b6f0057c1178499fa439d7fbdb07525e14b99
SSDEEP

3072:WCYUDqRFSnO6xymcwbrpD1Ut2Pwrmpv18Tb0ta:WCx6YbrcQrput2Pv430ta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
555016914b305a3a0f6c20ac58275258

Files

555016914b305a3a0f6c20ac58275258
.exe windows:4 windows x86 arch:x86

42af245527819207ed5d67b1110588eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
CreateFileA
AddAtomA
CopyFileExA
ReadConsoleA
CreateDirectoryA
GetStdHandle
DeleteFileW
FindResourceA
GetFileTime
FindFirstFileA
CreateThread
CopyFileExW
OpenFileMappingA
CreateProcessA
GetComputerNameA
ExitThread
CopyFileW
CopyFileExA
OpenFile
WriteFile
ReadFile
ExitThread
GetStdHandle
FindResourceW
GlobalFree
CreateFileA
DeleteFileA
GetFileTime
CreateThread
GetFileSize
ExitThread
CopyFileA
DeleteFileA
CreateDirectoryA
CreateMutexW
OpenFile
CreateThread
CopyFileW
GetStdHandle
FindResourceA
DeleteFileW
CreateFileA
GetFileTime
GetConsoleMode
CreateProcessA
ReadFile
ExitThread
CopyFileExA
DeleteFileA
CopyFileA
GetComputerNameA
ReadConsoleA
CopyFileW
AddAtomA
GetStdHandle
FindResourceW
CreateMutexW
WriteFile
GlobalFree
FindFirstFileA
CreateThread
DeleteFileW
FindResourceA
OpenFileMappingA
ExitThread
AddAtomA
CreateMutexA
ReadConsoleA
GetFileTime
GetComputerNameA
GlobalFree
CopyFileExW
GetStdHandle
CopyFileW
GetConsoleMode
CreateFileA
DeleteFileA
WriteFile
OpenFileMappingA
GetFileTime
GetComputerNameA
CopyFileW
ReadConsoleW
ExitThread
GlobalFree
GetConsoleMode
OpenFile
DeleteFileW
FindFirstFileA
CreateProcessA
GetStdHandle
CopyFileExA
FindResourceA
GetFileSize
CopyFileExW

Sections

.bbs
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 19B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42af245527819207ed5d67b1110588eb

Headers

File Characteristics

Imports

kernel32

Sections

.bbs Size: 100KB - Virtual size: 99KB

.itext Size: 12KB - Virtual size: 9KB

.reloc Size: 12KB - Virtual size: 8KB

.edata Size: 8KB - Virtual size: 2.8MB

.bss Size: 4KB - Virtual size: 19B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 12KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 8KB

.bbs
Size: 100KB - Virtual size: 99KB

.itext
Size: 12KB - Virtual size: 9KB

.reloc
Size: 12KB - Virtual size: 8KB

.edata
Size: 8KB - Virtual size: 2.8MB

.bss
Size: 4KB - Virtual size: 19B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 8KB