56bd648bb71d99beb5d47c6b9a3c9a9a

Sharing

Copy URL

Twitter E-mail

General

Target

56bd648bb71d99beb5d47c6b9a3c9a9a
Size

110KB
MD5

56bd648bb71d99beb5d47c6b9a3c9a9a
SHA1

71a15d20367ad2b1da65ca7432355df6453f1bf9
SHA256

e32734e626eef4aef9b97c5213bd9b3261b01b54a78cb08638f7abd2e168ccc2
SHA512

77a53b4ddf1a1844d63d937b30315f7bedd46d970b442777bd7c52fc7385db8c9be2a38ce1686186894c7e381ce1633d20e2835c5da50211a05d667e93eb7f2e
SSDEEP

3072:B1Tsdce6FibmBX8pTHqtG9UeKmPjOkKMMiU1m9:MdsiGspTHOneKmPZKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56bd648bb71d99beb5d47c6b9a3c9a9a

Files

56bd648bb71d99beb5d47c6b9a3c9a9a
.dll windows:4 windows x86 arch:x86

e837422256cc8662517da239511d6f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
QueryServiceStatus
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CloseServiceHandle

ole32

RevokeDragDrop
OleInitialize
OleFlushClipboard
GetConvertStg
CreateDataAdviseHolder
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoResumeClassObjects
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
WriteFmtUserTypeStg

user32

SetFocus
OemToCharBuffA
MessageBoxIndirectA
LoadBitmapA
CreateMenu
CreateCursor
CharUpperA
CharToOemBuffA
CharPrevA

shell32

SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHBindToParent

shlwapi

PathIsRootA
PathFileExistsA
PathMatchSpecA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathIsRelativeA

msvcrt

strlen
strchr
getenv
rand
memcpy
free
strstr

kernel32

lstrcpynA
lstrlenA
lstrcatA
Sleep
SetLastError
RaiseException
OpenFileMappingA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
ExitThread
EnumResourceTypesA
EnumResourceNamesA
CompareStringA
CloseHandle
lstrcmpA

Exports

Exports

Akc
Bgw
Bra
Csn
Cto
Iwj
Kee
Nwc
Pum
Qvu
Vkt
Ydm
Zsv

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e837422256cc8662517da239511d6f39

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 23KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 23KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB