55172cac65d1d6d3a8f1bc8db5605534

Sharing

Copy URL

Twitter E-mail

General

Target

55172cac65d1d6d3a8f1bc8db5605534
Size

403KB
MD5

55172cac65d1d6d3a8f1bc8db5605534
SHA1

ea0c921da4555b63e2576902c5f9fc716417deb8
SHA256

c53be6b4aebee12ce518a67234c5aea7f9e79e111b77c2781332ed80b9927fcc
SHA512

5eb5f30678d937d931e014bf46b998ece4c56fd34574d6b3bdec4c1da4f70e5f15a05da7aed32f812e8549450afdf4a2a9de719c655bb197044a8cb5763103c4
SSDEEP

12288:UkwRsaOzkDtGKTuIg5YLuBWMJ//Vjwv1yI:0saOwDtPZgblJH+vx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55172cac65d1d6d3a8f1bc8db5605534

Files

55172cac65d1d6d3a8f1bc8db5605534
.exe windows:4 windows x86 arch:x86

5a7917243cebd8ac4680ad59b90fb166

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GopherOpenFileA
FindCloseUrlCache
FindFirstUrlCacheContainerW
DeleteUrlCacheGroup
FtpGetCurrentDirectoryA
InternetShowSecurityInfoByURLW
InternetSetDialState

gdi32

GetWinMetaFileBits
CreateDCA
GetPath
AddFontResourceW
SetDIBColorTable
PlayEnhMetaFile
MaskBlt
GetMapMode
Polygon
GetWorldTransform
GdiPlayJournal
GetTextExtentPoint32A
CreateEnhMetaFileA
CreateBrushIndirect

user32

ChangeDisplaySettingsW
SendDlgItemMessageA
CreateCursor
DrawTextExW
GetDesktopWindow
VkKeyScanExW
SetPropA
SendMessageTimeoutA
CharPrevA
PtInRect
GetMenuItemCount
MessageBoxExA
MessageBoxIndirectA
ChangeMenuW
GetClipboardFormatNameW
GetWindowModuleFileNameW
wvsprintfW
SetUserObjectInformationW

advapi32

CryptVerifySignatureA
CryptCreateHash

kernel32

WideCharToMultiByte
ReadFileEx
GetConsoleTitleA
VirtualAlloc
LCMapStringW
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStrings
MultiByteToWideChar
TlsSetValue
LoadLibraryA
LeaveCriticalSection
TerminateProcess
GetFileType
HeapFree
GetOEMCP
RtlUnwind
GetCommandLineA
TlsGetValue
HeapReAlloc
TlsAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
IsBadWritePtr
SetLastError
GetACP
ExitProcess
FreeEnvironmentStringsW
EnterCriticalSection
FreeEnvironmentStringsA
LCMapStringA
GetCurrentProcessId
OpenFileMappingA
GetStringTypeA
VirtualQuery
DeleteCriticalSection
UnhandledExceptionFilter
GetTickCount
GetCurrentProcess
GetCurrentThreadId
TlsFree
GetLastError
InitializeCriticalSection
GetProfileIntA
HeapDestroy
GetStringTypeW
GetVersion
GetCPInfo
InterlockedExchange
VirtualFree
HeapCreate
GetStdHandle
GetProcAddress
GetCurrentThread
GetEnvironmentStringsW
QueryPerformanceCounter
SetHandleCount
HeapAlloc
WriteFile

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a7917243cebd8ac4680ad59b90fb166

Headers

File Characteristics

Imports

wininet

gdi32

user32

advapi32

kernel32

Sections

.text Size: 122KB - Virtual size: 121KB

.data Size: 265KB - Virtual size: 273KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 122KB - Virtual size: 121KB

.data
Size: 265KB - Virtual size: 273KB

.rsrc
Size: 15KB - Virtual size: 14KB