55bc437cb13125d472c923a40f4a2280

General

Target

55bc437cb13125d472c923a40f4a2280
Size

258KB
MD5

55bc437cb13125d472c923a40f4a2280
SHA1

9190968d213976dfbd8132578c517e49dfe1027e
SHA256

7de262c6bcee70bb24624fa342b93112ef1935065fd3926289915b034dd946ea
SHA512

0a4f5c7a811e88548261e93b5ae3095df4324601d3b37a86a6dcd6ec7bacc6b9917ea83d8770fbeb4e56135e99399daff6a381db0bcbbf0b7b4a35a3170e96d1
SSDEEP

6144:njxzL7whgXYksEHuix68zG/YWw0Nu9Qi+:VzL7wa9sWjoYWwuuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55bc437cb13125d472c923a40f4a2280

Files

55bc437cb13125d472c923a40f4a2280
.exe windows:4 windows x86 arch:x86

730751757e52c8d21eecbdb3385e65cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
IsDebuggerPresent
LCMapStringA
UnhandledExceptionFilter
GetProcAddress
LCMapStringW
HeapReAlloc
WideCharToMultiByte
FreeEnvironmentStringsW
GetTimeZoneInformation
GetCurrentProcessId
HeapAlloc
CompareStringA
GetLocaleInfoA
Sleep
GetModuleHandleA
LeaveCriticalSection
GetSystemDirectoryW
GetVolumeInformationW
SetUnhandledExceptionFilter
GetProcessHeap
InitializeCriticalSection
GetACP
HeapSize
SetEnvironmentVariableA
AddAtomA
GetStringTypeW
GetEnvironmentVariableW
WriteProfileStringA
ExitProcess
GetTickCount
TlsAlloc
WriteFile
HeapFree
GetEnvironmentStrings
GetModuleFileNameA
HeapCreate
LoadLibraryA
QueryPerformanceCounter
GetDateFormatA
VirtualAlloc
lstrcmpW
FreeLibrary
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStringsW
GetLocaleInfoW
GetStdHandle
TlsFree
GetCurrentThread
IsValidLocale
GetCPInfo
GetSystemTimeAsFileTime
GetFileType
EnterCriticalSection
CreateProcessA
GetLastError
GetOEMCP
DeleteCriticalSection
TlsSetValue
SetHandleCount
HeapDestroy
CompareStringW
GetStartupInfoA
TlsGetValue
MultiByteToWideChar
InterlockedIncrement
VirtualFree
GetStringTypeA
IsValidCodePage
InterlockedExchange
GetUserDefaultLCID
GetTimeFormatA
GetCommandLineA
SetLastError
FreeEnvironmentStringsA
EnumSystemLocalesA
SetConsoleCtrlHandler
InterlockedDecrement

comdlg32

PrintDlgA
ReplaceTextW
ReplaceTextA
FindTextW
GetFileTitleA
ChooseColorW
LoadAlterBitmap
PrintDlgW
ChooseColorA
GetOpenFileNameA
PageSetupDlgW
ChooseFontW
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
FindTextA
PageSetupDlgA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

730751757e52c8d21eecbdb3385e65cd

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 7KB - Virtual size: 7KB