56a25b61e95986085e5b31942e12438c

Sharing

Copy URL

Twitter E-mail

General

Target

56a25b61e95986085e5b31942e12438c
Size

191KB
MD5

56a25b61e95986085e5b31942e12438c
SHA1

6235a768e1e3142f25a3b1e38d5c75a0ad874fed
SHA256

e4c37cd0789b87360d975ad28885ca96182cdbafb09fccf838b587fa1eee0121
SHA512

606e4163434241d8e28bf65ca498b46bfd194e8854aabdb003cf5b3e894eefa22b8bf0997402d0753e2945695c2f9f903c24aaf0350e70388d006563b99441bf
SSDEEP

3072:o3RGPZKuN8WDiTkca+oZuFmtPzQ7+FhHGUKY7Yxo0XeoKHR5DTD6Wo:7Dp8FmRz3FhmUK39uJHR5Ds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56a25b61e95986085e5b31942e12438c

Files

56a25b61e95986085e5b31942e12438c
.exe windows:4 windows x86 arch:x86

239b8d286f7ab2177f60c9636e62698c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
SetFileAttributesW
lstrlenW
FileTimeToSystemTime
FreeLibrary
FindCloseChangeNotification
GetVersion
CreateThread
QueryPerformanceCounter
MultiByteToWideChar
QueryDosDeviceA
GlobalLock
DeleteFileW
WideCharToMultiByte
lstrcmpW
InitializeCriticalSection
InterlockedIncrement
FindNextChangeNotification
GetProcessId
LoadLibraryExW
LoadLibraryA
GetACP
FindFirstChangeNotificationW
GetCurrentDirectoryW
FindClose
GetFileAttributesW
GetProcAddress
GetPrivateProfileStringW
GetVersionExW
GetThreadLocale
GetTickCount
GetLocaleInfoW
LoadLibraryW
FileTimeToLocalFileTime
GlobalUnlock
EnumResourceTypesA
GetLocaleInfoA
GetVersionExA
LockResource
InterlockedExchange
CloseHandle
Sleep
WritePrivateProfileStringW
SetThreadPriority
GetModuleFileNameW
GlobalFree
ResumeThread
GetPrivateProfileIntW
LoadResource
lstrcpyW
lstrcpynW
GetNumberFormatW
DeleteCriticalSection
ExitProcess
InterlockedDecrement
GlobalAlloc
GetCurrentThreadId
GlobalSize
MulDiv
FindFirstFileW
GetLastError
FindResourceW
LocalFree
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId

advapi32

RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegOpenKeyW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

shell32

SHBrowseForFolderW
SHGetMalloc
ShellExecuteW
SHGetDesktopFolder
DragAcceptFiles
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListW
SHAppBarMessage
Shell_NotifyIconW

comctl32

ImageList_Destroy
ImageList_Add
InitCommonControlsEx
_TrackMouseEvent
PropertySheetW
ImageList_GetIcon
ImageList_LoadImageW
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_Draw

user32

GetMenuItemCount
GetKeyState
GetMenuItemInfoW
SetForegroundWindow
GetCursor
CallWindowProcW
DrawFrameControl
DeferWindowPos
ReleaseCapture
GetDCEx
ScreenToClient
LoadBitmapW
LoadCursorW
ShowWindow
SetActiveWindow
UpdateWindow
HideCaret
LockWindowUpdate
CloseClipboard
mouse_event
GetDlgItem
SetCursor
MapVirtualKeyExW
GetKeyNameTextW
IsIconic
GetMenuItemID
GetWindow
AppendMenuW
DrawEdge
IsWindow
DrawStateW
OpenClipboard
IsRectEmpty
FillRect
ShowCaret
GetMenuDefaultItem
UnionRect
GetWindowLongW
GetDesktopWindow
SetCapture
CallNextHookEx
GetMessagePos
LoadMenuW
IsWindowVisible
CreateAcceleratorTableW
DragDetect
SetRect
GetKeyboardLayout
GetScrollInfo
SetWindowsHookExW
GetIconInfo
MapWindowPoints
SetTimer
DrawIconEx
wsprintfW
GetNextDlgTabItem
EnableMenuItem
InsertMenuW
SetMenuDefaultItem
GetCapture
GetWindowTextW
GetSystemMetrics
SetFocus
DrawFocusRect
GrayStringW
CopyRect
RedrawWindow
GetClassLongW
KillTimer
UnhookWindowsHookEx
SetScrollPos
IsMenu
SetClipboardData
LoadIconW
SetMenu
EnumChildWindows
GetSysColor
TranslateMessage
MoveWindow
GetClassNameW
RegisterClipboardFormatW
PtInRect
ClientToScreen
DrawIcon
ReleaseDC
GetParent
DestroyAcceleratorTable
DestroyCursor
DestroyWindow
GetActiveWindow
SystemParametersInfoA
GetClientRect
ShowScrollBar
SetCaretPos
GetScrollPos
EmptyClipboard
GetClipboardData
GetMenu
FindWindowW
GetSysColorBrush
IsZoomed
IsChild
SetScrollInfo
GetWindowRect
GetLastActivePopup
GetCursorPos
SetRectEmpty
CheckMenuItem
EqualRect
PeekMessageW
DestroyIcon
GetForegroundWindow
TrackPopupMenu
DrawTextW
WindowFromPoint
SetWindowLongW
GetMenuState
LoadImageW
SystemParametersInfoW
RegisterWindowMessageW
DrawAnimatedRects
CopyAcceleratorTableW
EnableWindow
CloseWindow
SetWindowPos
InflateRect
IsClipboardFormatAvailable
PostMessageW
GetSystemMenu
MapVirtualKeyW
GetSubMenu
SetParent
TabbedTextOutW
InvalidateRect
GetDlgCtrlID
GetMessageW
GetWindowPlacement
CopyIcon
EnableScrollBar
OffsetRect
DestroyCaret
DeleteMenu
GetFocus
IsCharLowerW
GetDC
BeginDeferWindowPos
SendMessageW
BringWindowToTop
GetTabbedTextExtentW
MessageBeep
DrawTextExW
SetWindowRgn
DispatchMessageW
CreatePopupMenu
CreateIconIndirect
IntersectRect
SetCursorPos
CreateCaret
EndDeferWindowPos
DestroyMenu

gdi32

Rectangle
GetBkColor
GetTextExtentPoint32W
SetPixelV
CreateDIBSection

ole32

CoCreateInstance
DoDragDrop
OleRun

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239b8d286f7ab2177f60c9636e62698c

Headers

File Characteristics

Imports

kernel32

advapi32

gdiplus

shell32

comctl32

user32

gdi32

ole32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 76KB - Virtual size: 75KB

.tls Size: 1024B - Virtual size: 348KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 76KB - Virtual size: 75KB

.tls
Size: 1024B - Virtual size: 348KB