55a1d7324d28cd5039090c8eda9a2eee

Sharing

Copy URL Twitter E-mail

General

Target

55a1d7324d28cd5039090c8eda9a2eee
Size

155KB
MD5

55a1d7324d28cd5039090c8eda9a2eee
SHA1

73e7034ecba652699d4ab3793c331b2ad6d4ab7c
SHA256

5b7fc6ac4fc28833c0b488f3837aaf4337bb1fb1a5d831e9e1d77a2da5b5acd5
SHA512

68a58cd6ada50e98fd0e00b93548c1d5e4228e9e1e409826caa2789d66ce0133a0ed835112bcd91a26a20706f03af7564498602d1b4264e673c45ab6ccf2a04b
SSDEEP

3072:Mpzsc1RBQSe1k6WhAH+G26CpN3wf0BYuHHRu53DRtUSI1RgzNuUwcYS187:Un1RBaW/6AAsBYOMDbURQMJa87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55a1d7324d28cd5039090c8eda9a2eee

Files

55a1d7324d28cd5039090c8eda9a2eee
.exe windows:5 windows x86 arch:x86

8bf9142049707ae5f7bbb878c5d0aac0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shdocvw

DoOrganizeFavDlg
DoAddToFavDlg
DoAddToFavDlgW
DllGetClassObject
SHAddSubscribeFavorite
OpenURL
DllRegisterWindowClasses
SoftwareUpdateMessageBox
DoOrganizeFavDlgW
URLQualifyA
HlinkFrameNavigateNHL
DoPrivacyDlg
SetQueryNetSessionCount
URLQualifyW
SHGetIDispatchForFolder
DoFileDownload
ImportPrivacySettings
HlinkFindFrame
AddUrlToFavorites
HlinkFrameNavigate
DllGetVersion

user32

PostQuitMessage
BringWindowToTop
EnumDisplaySettingsExW
AppendMenuW
DdeNameService
GetScrollPos
FillRect
GetGUIThreadInfo
DdeFreeDataHandle
GetWindowThreadProcessId
GetMenuState
GetSubMenu
DdeUnaccessData
LoadLocalFonts
GetComboBoxInfo
SetMenuInfo
IntersectRect
LockWorkStation
SetScrollPos
GetDlgCtrlID
SetDlgItemInt
SetShellWindowEx
GetWindowTextW
DdeDisconnect
GetClipboardOwner
AppendMenuA
SystemParametersInfoW
MB_GetString
MessageBoxIndirectW
TrackPopupMenuEx
DdeConnectList
IsIconic
DrawFrame
CreateIconIndirect
GetMenuItemInfoA
RegisterServicesProcess
DestroyWindow
SetUserObjectInformationA
RegisterClassExW
InsertMenuW
TabbedTextOutA

kernel32

Process32FirstW
LoadLibraryA
FindResourceExA
GlobalMemoryStatus
CreateIoCompletionPort
SetClientTimeZoneInformation
LZOpenFileA
FindActCtxSectionStringW
CallNamedPipeW
VirtualUnlock
LocalLock
GetConsoleAliasExesLengthW
GetConsoleMode
lstrcpynW
SetThreadUILanguage
CmdBatNotification
LocalAlloc
IsValidCodePage
GetConsoleFontSize
LZDone
SetStdHandle
GetFullPathNameA
FreeUserPhysicalPages
GetNumberOfConsoleInputEvents
IsValidLocale
GetFileAttributesW
EnumResourceTypesA
lstrcpyn
SetConsoleActiveScreenBuffer
EnterCriticalSection
GetDiskFreeSpaceW
GetUserDefaultLCID
GetTempPathW
GetNumaHighestNodeNumber
FreeEnvironmentStringsA
VirtualAlloc
ClearCommError
CreateSemaphoreA
GetEnvironmentVariableW
GetStringTypeExW
GetPrivateProfileStringW
GetNamedPipeHandleStateW
CreateNamedPipeW
VirtualQueryEx
lstrcpyW
GetThreadLocale
RegisterWowExec
SetTermsrvAppInstallMode
BaseFlushAppcompatCache
GetNumberFormatW
RegisterWaitForInputIdle
QueryDepthSList
CreateProcessInternalA
GetProcessTimes
BuildCommDCBW
ConvertFiberToThread
BindIoCompletionCallback
GetModuleHandleW
OutputDebugStringW
CreateTimerQueue
CopyFileExW
FileTimeToSystemTime
LZSeek
OpenConsoleW
GetProfileIntA
OpenJobObjectA
SizeofResource
GetTimeFormatA
UnlockFileEx
_lwrite
GetVersionExW
SetComPlusPackageInstallStatus

wldap32

ldap_parse_page_controlW
ldap_search_ext_sA
ldap_simple_bindW
ldap_delete_sW
ldap_result
ldap_parse_resultA
ldap_parse_page_controlA
ldap_create_sort_control
ldap_simple_bindA
ldap_next_attribute
ldap_start_tls_sA
ldap_parse_page_control
ldap_compare
ldap_compare_sA
ldap_set_dbg_flags
ldap_simple_bind_s
ldap_escape_filter_elementW
ldap_search_st
ldap_count_entries
ldap_search_init_pageW
ldap_extended_operation
ldap_modrdn2_sA
ldap_free_controlsA
ldap_extended_operationW
ldap_parse_resultW
ldap_sasl_bindW
ldap_add_ext
ldap_create_vlv_controlW
ldap_abandon
ber_bvdup
ldap_initA

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bf9142049707ae5f7bbb878c5d0aac0

Headers

DLL Characteristics

File Characteristics

Imports

shdocvw

user32

kernel32

wldap32

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 21KB - Virtual size: 205KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 21KB - Virtual size: 205KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B