55d08b2f1164831efb3a76735c3169c0

Sharing

Copy URL

Twitter E-mail

General

Target

55d08b2f1164831efb3a76735c3169c0
Size

65KB
MD5

55d08b2f1164831efb3a76735c3169c0
SHA1

63633edec555d60821c0730a4e7afefc02f514f3
SHA256

1fd62479566e984ce06103bc85892ff5a66254718909ecf9bef884f0aa2e15dd
SHA512

0fd8b99e2ca09aa51b4b5e3f4cd6775e599ef1b393994b25441ef31fd69af3c507a91aa768a6baeaa3c07b04e6b7ab38bc2b583a31a8b9bfb9e3ad76aebc2261
SSDEEP

1536:dF4Znlo9xslCYtCVw0qW/YLlyBCX3t0G9lMrSESawPp:dFyl+slPsVnX/YLBX3uglMSgwPp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55d08b2f1164831efb3a76735c3169c0

Files

55d08b2f1164831efb3a76735c3169c0
.exe .ps1 windows:1 windows x86 arch:x86 polyglot

23d0a515d491d741107b11559fefc8e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__getmainargs
__setusermatherr
_findnext
_exit
_eof
memcpy
setlocale
_spawnlp
_wenviron
exit
fgetwc
_XcptFilter
__p__commode
realloc
_commit
fread
wcslen
_strnicoll
fgets
_adjust_fdiv
_acmdln
_adj_fprem1
fgetpos
__p__fmode
_utime
_except_handler3
memcmp
_mbcjistojms
_initterm
_execl
__set_app_type
wcsncmp

gdi32

GetTextMetricsA
StartPage
SelectObject

kernel32

QueryPerformanceCounter
GetSystemDirectoryA
PulseEvent
GetModuleHandleW
GetCPInfo
CreateFileMappingA
LocalFree
RaiseException
SetErrorMode
FreeEnvironmentStringsA
FindFirstFileA
CreateProcessA
HeapCreate
GetCurrentThread
GetFileType
IsDebuggerPresent
TerminateThread
GetModuleFileNameA
GetTimeFormatA
TlsAlloc
DeleteFileA
GetStartupInfoA
InterlockedDecrement
GetExitCodeThread
ExpandEnvironmentStringsA
GetFileAttributesA
CreateThread
GetEnvironmentVariableA
WideCharToMultiByte
lstrcmpiA
FormatMessageA
SetProcessWorkingSetSize
GetEnvironmentStringsW
GetCommandLineW
GetCurrentProcessId
TlsFree
DeviceIoControl
GetDateFormatA
IsValidCodePage
FreeLibrary
SetPriorityClass
ResetEvent
HeapAlloc
GetLastError
DuplicateHandle
GetModuleHandleA
VirtualProtect
SetHandleCount
FileTimeToSystemTime
lstrcatA
GetEnvironmentStrings
GetSystemTimeAsFileTime

user32

ChangeClipboardChain
CharNextExA
LoadIconA
GetParent
LoadAcceleratorsA
SetDlgItemTextA
CallMsgFilterA
CopyRect
CharLowerA
GetActiveWindow
DialogBoxIndirectParamA
AnyPopup
BringWindowToTop
CharPrevExA
DefWindowProcA
SetWindowTextA
GetCursorPos
OffsetRect
GetWindowDC
EnumChildWindows
EndPaint
DeleteMenu
GetSystemMetrics
GetForegroundWindow
RegisterClassA
AppendMenuA
SendMessageA
AnimateWindow
GetClientRect
UnionRect
IsDialogMessageA
SetWindowPos
CharLowerBuffA
GetWindowRect
LoadImageA
ActivateKeyboardLayout
PostMessageA
GetMenu
CharPrevA
GetDlgItem
DestroyWindow
SetPropA
CreateWindowExA
ChangeDisplaySettingsA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23d0a515d491d741107b11559fefc8e9

Headers

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 39KB - Virtual size: 112KB

.rsrc Size: 13KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 39KB - Virtual size: 112KB

.rsrc
Size: 13KB - Virtual size: 16KB