558c57449874827ca379e284d47f02d0 | Triage

Sharing

General

Target

558c57449874827ca379e284d47f02d0
Size

180KB
MD5

558c57449874827ca379e284d47f02d0
SHA1

0889489ca044ffe83e170a48ab0ac5f058c32ed6
SHA256

c6fe20e04146f996c45cab1ea93d49757733cc0124e25e9e2eb78da5254a051a
SHA512

5c4b49d8ce5820a0a4bd67ad3075bb3f34abff77ca13e6649fafbe98a4872f3c4299d17bededc7513cf18010002bf69a3eb510756a81f65b904de098f2d7b397
SSDEEP

3072:APng6y5x2ns3REq1bT5iDjf7etYJL7WiEGj40yDOF94tbDpI/PIjcPbYw9CR99:4ndU8sN1bT5Kf72YJL7Wixj4BZGbYww3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
558c57449874827ca379e284d47f02d0

Files

558c57449874827ca379e284d47f02d0
.dll windows:4 windows x86 arch:x86

2191e3d3151754ff03f5cc2363e4a0f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
ExpandEnvironmentStringsA
GetACP
GetCommandLineA
GetDriveTypeA
GetFileType
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
IsDebuggerPresent
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
WaitForSingleObject

user32

FrameRect
CheckRadioButton
SetScrollInfo
UpdateWindow

winmm

timeBeginPeriod
sndPlaySoundA
joy32Message
timeEndPeriod

ole32

CoTaskMemAlloc
CoBuildVersion
CoCreateInstance
CoTaskMemFree

advapi32

CreateProcessAsUserA
RegOpenCurrentUser
RegDeleteValueA
LookupAccountSidW
RegisterServiceCtrlHandlerA
EnumServiceGroupW
CryptAcquireContextW
AddAuditAccessAce
RegSetValueW

shlwapi

StrToIntA
PathStripPathA
PathFindFileNameA

Exports

Exports

GetAPIVersionEx
GetAverageFileSize

Sections

.text
Size: 115KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ