505b55933f9ceb8b98cef3bd4632da43

Sharing

Copy URL Twitter E-mail

General

Target

505b55933f9ceb8b98cef3bd4632da43
Size

270KB
MD5

505b55933f9ceb8b98cef3bd4632da43
SHA1

79102ca5dcabe7344e8780cc6c32df4fd37c83be
SHA256

5aca0706ad7a4242024d94cb8c6e36312f1fc36d6d3ae2bdb930e155a6addc67
SHA512

75ab6a29d0bd98185356dd04d6e6e7ab4128e4751031d21d69fa2ee1f13347ba46579f11cef7296564ad7add26db14e8f06a86c47fad1a1ac24d5af3c1c2b3ea
SSDEEP

6144:CjcTBACrxi9f3FuWn6z0g/F5MGUhdrCV2CUCZKc06E+Wd+PD6:sCrxi9f1uXz0g/F5MGUhREDZ0fd+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
505b55933f9ceb8b98cef3bd4632da43

Files

505b55933f9ceb8b98cef3bd4632da43
.exe windows:4 windows x86 arch:x86

263825228216387dc4b501faefc5e9a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
FindResourceExA
OpenMutexA
SizeofResource
HeapDestroy
CloseHandle
RaiseException
CreateEventA
CreateDirectoryA
FindNextFileA
FindFirstFileA
SetProcessWorkingSetSize
lstrcmpA
SetFileAttributesA
GetPriorityClass
LocalAlloc
GetCommandLineA
WaitForSingleObject
OpenProcess
HeapFree
GetTempPathA
WaitForMultipleObjects
lstrlenA
RemoveDirectoryA
lstrcatA
GetThreadLocale
lstrlenW
CopyFileA
LoadLibraryExA
ResetEvent
OpenEventA
lstrcmpiA
IsDBCSLeadByte
HeapSize
HeapReAlloc
FindResourceA
CreateProcessA
DeleteCriticalSection
LocalFree
OutputDebugStringA
LoadResource
GetACP
SetPriorityClass
GetSystemTimeAsFileTime
LockResource
LeaveCriticalSection
FreeLibrary
GetCurrentThreadId
lstrcpynA
CreateMutexA
CreateThread
HeapAlloc
GetUserDefaultLangID
EnterCriticalSection
WideCharToMultiByte
FormatMessageA
FindClose
GetModuleHandleA
ReleaseMutex
GetProcessHeap
lstrcpyA
CreateFileA
GetVersion
VirtualAllocEx

user32

TranslateMessage
PostQuitMessage
MsgWaitForMultipleObjects
GetMessageA
RegisterWindowMessageA
LoadStringA
DispatchMessageA
CreateWindowExA
PeekMessageA
CharNextA
PostThreadMessageA
RegisterClassA
MessageBoxA
DefWindowProcA
LoadCursorA

ole32

CoTaskMemAlloc
StringFromGUID2
CoRegisterClassObject
CoGetInterfaceAndReleaseStream
CoTaskMemFree
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoRevokeClassObject
CoTaskMemRealloc
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
CoInitializeSecurity

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

shlwapi

PathFileExistsA
PathFindExtensionA

oleaut32

SafeArrayGetUBound
SafeArrayDestroy
LoadRegTypeLi
SafeArrayCreate
VariantCopyInd
UnRegisterTypeLi
SysStringByteLen
SafeArrayRedim
SysStringLen
GetErrorInfo
SafeArrayGetVartype
SafeArrayCopy
SysAllocString
LoadTypeLi
SafeArrayGetLBound
RegisterTypeLi
VariantClear
DispCallFunc
VariantCopy
SysAllocStringByteLen
VarUI4FromStr
SysAllocStringLen
SysFreeString
SafeArrayUnlock
VariantInit
SafeArrayLock

resutils

ResUtilCreateDirectoryTree
ResUtilEnumResources
ClusWorkerTerminate
ResUtilVerifyService
ResUtilGetPropertyFormats
ResUtilGetResourceDependentIPAddressProps
ResUtilSetBinaryValue

winscard

SCardGetCardTypeProviderNameW
SCardEstablishContext
SCardAccessNewReaderEvent
SCardForgetReaderGroupW
g_rgSCardT0Pci
SCardIntroduceReaderGroupW
SCardReleaseNewReaderEvent

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 242KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

263825228216387dc4b501faefc5e9a7

Headers

File Characteristics

Imports

kernel32

user32

ole32

rpcrt4

shlwapi

oleaut32

resutils

winscard

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 242KB - Virtual size: 972KB

.rsrc Size: 5KB - Virtual size: 14KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 242KB - Virtual size: 972KB

.rsrc
Size: 5KB - Virtual size: 14KB