55ec671d16161867804cb96fdd76d720

Sharing

Copy URL

Twitter E-mail

General

Target

55ec671d16161867804cb96fdd76d720
Size

263KB
MD5

55ec671d16161867804cb96fdd76d720
SHA1

229a4db35a95ec859d470f24093f0d0e23d41fd6
SHA256

47d5028ca7e4320c9242d280c12cb6355aa2c216878376b9b18d7493466d8da7
SHA512

1af649354f438ec2344ceeff6a5d799b5df53c5045b9436bd77311a82093f44697a878f852928e0d25d7df67e7762f37fe8584535642d48a0d684daca71bba48
SSDEEP

6144:1yN1x7yWlN2xjqH39JMEDQEh1UAvdPLM8:1yLxxHXLjdP48

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55ec671d16161867804cb96fdd76d720

Files

55ec671d16161867804cb96fdd76d720
.dll windows:4 windows x86 arch:x86

5ce5e68cc101dab8e48a470aa16f1358

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RemoveDirectoryA
CreateDirectoryA
GetVersion
HeapAlloc
GetProcessHeap
HeapFree
LocalAlloc
VirtualProtect
VirtualQuery
GetPrivateProfileIntA
GetPrivateProfileStringW
GetPrivateProfileStringA
LocalLock
LocalReAlloc
GetFileAttributesW
LocalHandle
LocalFree
lstrcpyA
WideCharToMultiByte
ReadFile
CreateFileW
VirtualAlloc
OpenProcess
VirtualFree
WaitForSingleObject
CreateEventA
GetCurrentProcessId
FlushInstructionCache
SetLastError
GetFileAttributesA
MultiByteToWideChar
MoveFileA
DeleteFileA
GetLocalTime
GetVersionExA
GetCurrentProcess
LoadLibraryA
FreeLibrary
GetProcAddress
MulDiv
CreateFileA
SetEndOfFile
WriteFile
SetSystemPowerState
GetTickCount
GetCurrentThreadId
FindFirstFileW
lstrcmpW
FindNextFileW
FindFirstFileA
FindClose
FindNextFileA
GetModuleFileNameA
SetErrorMode
WritePrivateProfileStringA
GetLastError
GetStringTypeExW
CompareStringW
lstrcmpiW
DeleteCriticalSection
SuspendThread
InitializeCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
lstrlenW
lstrcatA
lstrcmpiA
GetModuleHandleA
lstrcpynW
GlobalFree
CreateThread
ResumeThread
lstrlenA
lstrcpynA
LocalUnlock
CloseHandle
DisableThreadLibraryCalls

user32

SetWindowLongW
SetParent
SetMenuItemInfoA
GetMenuItemInfoA
EnableMenuItem
GetSubMenu
DestroyMenu
SetFocus
TrackPopupMenuEx
InsertMenuItemA
CreatePopupMenu
LoadMenuA
SetDlgItemTextW
MapDialogRect
EnumThreadWindows
CheckMenuItem
ExitWindowsEx
WindowFromPoint
GetSystemMetrics
CreateWindowExW
SetMenuDefaultItem
IsMenu
ClientToScreen
ReleaseCapture
SetCapture
GetWindow
SystemParametersInfoA
IsChild
CreateAcceleratorTableA
SetCursor
LoadCursorA
EnableScrollBar
GetScrollInfo
GetScrollPos
GetScrollRange
SetScrollInfo
SetScrollPos
SetScrollRange
ShowScrollBar
GetSysColorBrush
DrawEdge
GetWindowDC
DrawFrameControl
OffsetRect
SetRect
GetMessagePos
EnumWindows
SetActiveWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
DestroyCursor
GetActiveWindow
GetDC
ShowWindow
ReleaseDC
SendMessageW
IsWindowUnicode
GetDlgItemTextW
IsWindowEnabled
GetFocus
CharNextW
wsprintfW
PostMessageA
WindowFromDC
DrawTextA
CopyRect
GetWindowTextA
MapWindowPoints
GetSysColor
FillRect
SendDlgItemMessageA
DrawIconEx
DrawTextW
DrawFocusRect
BeginPaint
ScreenToClient
EndPaint
InvalidateRect
IsDlgButtonChecked
GetDlgCtrlID
SetWindowLongA
LoadImageA
GetDlgItem
GetPropA
SetPropA
IsWindow
GetWindowRect
SetWindowPos
CharNextA
MessageBoxA
SetForegroundWindow
SetDlgItemInt
CreateWindowExA
GetDlgItemTextA
SetDlgItemTextA
GetWindowLongA
EndDialog
DestroyWindow
RemovePropA
CallWindowProcA
GetMenuItemID
GetMenuItemCount
GetKeyState
DeleteMenu
SendMessageA
wsprintfA
CharPrevA
GetTabbedTextExtentW
GetTabbedTextExtentA
GetCapture
GetParent
IsWindowVisible
GetCursorPos
PtInRect
SetWindowsHookExA
RegisterWindowMessageW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
EnableWindow
FrameRect
RegisterWindowMessageA
SetTimer
CharPrevW
KillTimer
DialogBoxParamA
CreateDialogParamA
SetWindowTextA
CallNextHookEx
GetClientRect
LoadStringA

gdi32

BitBlt
SetStretchBltMode
FillRgn
CreateRectRgn
CombineRgn
CreateFontA
CreateHatchBrush
GetTextExtentPoint32A
StretchBlt
GetTextMetricsA
ExcludeClipRect
ExtTextOutA
PatBlt
SetBrushOrgEx
UnrealizeObject
CreatePatternBrush
CreateBitmap
CreatePen
GetNearestColor
CreateBrushIndirect
LineTo
MoveToEx
CreateCompatibleDC
SelectObject
GetPixel
DeleteDC
GetBkColor
CreateSolidBrush
SetBkMode
SetBkColor
GetDeviceCaps
DeleteObject
SetTextColor

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegNotifyChangeKeyValue

shell32

SHGetDesktopFolder
DragAcceptFiles
DragQueryFileA
DragQueryFileW
DragFinish
ShellExecuteA

shlwapi

PathRemoveFileSpecW

msvcrt

malloc
_onexit
__dllonexit
free
_purecall
_wcsdup
memcpy
_adjust_fdiv
_initterm

Exports

Exports

winampGetGeneralPurposePlugin
winampUninstallPlugin

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ce5e68cc101dab8e48a470aa16f1358

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 95KB

.idata Size: 63KB - Virtual size: 62KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 95KB

.idata
Size: 63KB - Virtual size: 62KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 16KB - Virtual size: 16KB