55e84068e90ed57165a260571800685a

Sharing

Copy URL

Twitter E-mail

General

Target

55e84068e90ed57165a260571800685a
Size

88KB
MD5

55e84068e90ed57165a260571800685a
SHA1

5a28b483edcc164e29f80eea6bb927b69d09a5c6
SHA256

3c49a5b95fe4b8af9b067acf239400bb19d00907fa71b287a201bcaa951c4a29
SHA512

b3130a2fec3c74d962629fe7781bdcb7f5338a79430a5216ba6da95ba4184b0571f9bb8d8551cd9ad297745ee1f5fa677c94f18cdecefba2e4e55fc2b681dba7
SSDEEP

1536:mhP1O3M007CgZr3huz5j67VWJAe0tq0WvKaDsaVUsw+MdkE2FcdULZmQlaUc:EoMt1ro96xYwqfDbw+MdkpFcmZmQlaUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55e84068e90ed57165a260571800685a

Files

55e84068e90ed57165a260571800685a
.exe windows:4 windows x86 arch:x86

05bfadb0b2c73f47d86cc92cc414d3a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetSystemDirectoryA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
ReadFile
GetStartupInfoA
GetWindowsDirectoryA
SetLocalTime
GetLocalTime
LoadLibraryA
GetModuleFileNameA
SetStdHandle
GetCPInfo
GetOEMCP
LocalFree
CopyFileA
GetLastError
FindClose
Sleep
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyA
CreateThread
lstrlenA
DeleteFileA
WaitForSingleObject
WriteFile
RaiseException
CloseHandle
CreateFileA
DeleteCriticalSection
SetEndOfFile
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
InitializeCriticalSection
GetProcAddress
GetStringTypeW
GetStringTypeA
SetFilePointer
HeapFree
RtlUnwind
ExitProcess
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
HeapSize
FlushFileBuffers

user32

DefWindowProcA
CharNextA
DestroyWindow

advapi32

RegSetValueExA
RegQueryValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
ChangeServiceConfig2A
StartServiceA
QueryServiceStatus
SetServiceStatus
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr
VariantClear

comctl32

InitCommonControlsEx

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetGetConnectedState
InternetCloseHandle

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05bfadb0b2c73f47d86cc92cc414d3a5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 7KB