55ead57b5d66eac0f231882b9432bf28

Sharing

Copy URL Twitter E-mail

General

Target

55ead57b5d66eac0f231882b9432bf28
Size

455KB
MD5

55ead57b5d66eac0f231882b9432bf28
SHA1

bb9386ad1654880c46e851da064fa9add39c8c50
SHA256

51978603ae8abcf49b2791b306debc34a330cda6a0bd26f0ce9cfd1ec059c633
SHA512

b943efdadda1cb91404a9852f18d6629e497137a418084dc0edce8653132a3772aec0705f324a0811fb0423dbeb22afafb3b0b160fa977a307712e091a809eb1
SSDEEP

12288:aFsFrETKGL5v+NPxN82+l3IncbtYZpwkyXZy9V:aFsFgTKGL5oPxNB+l4nbUkypW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55ead57b5d66eac0f231882b9432bf28

Files

55ead57b5d66eac0f231882b9432bf28
.exe windows:4 windows x86 arch:x86

30604b40b1756462da05910479575241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetStockObject

msvcrt

malloc
_vsnwprintf
_ultow
free
memmove
_wtoi
memset
_wtol
_amsg_exit
bsearch
longjmp
_vsnprintf
_XcptFilter
_adjust_fdiv
_wcsicmp
_setjmp3
memcpy
_initterm
_wcsnicmp

kernel32

LocalReAlloc
Sleep
LoadLibraryW
SearchPathW
SetUnhandledExceptionFilter
GetTempFileNameW
MoveFileExW
GetWindowsDirectoryW
lstrcmpiW
FindClose
FindResourceW
GetFullPathNameW
LocalFree
GetCurrentThreadId
GetDiskFreeSpaceW
GetFileTime
WideCharToMultiByte
MapViewOfFileEx
RemoveDirectoryW
FindNextFileW
GetShortPathNameW
GetVolumeInformationW
FindResourceExW
GetCurrentProcess
GetModuleFileNameW
EnumResourceLanguagesW
DisableThreadLibraryCalls
DeleteFileW
GetPrivateProfileSectionW
FreeLibrary
GetVersionExW
lstrcmpW
SetLastError
GetSystemInfo
GetTempPathW
GetSystemTimeAsFileTime
GetPrivateProfileIntW
GetProfileStringW
MoveFileW
GetUserDefaultUILanguage
SetFileAttributesW
InterlockedExchange
TerminateProcess
WritePrivateProfileStringW
GetLocalTime
FindFirstFileW
CompareStringW
SizeofResource
lstrlenW
GetDriveTypeW
GetEnvironmentVariableW
LockResource
ReadFile
CreateFileW
GetPrivateProfileStringW
CreateProcessW
GetSystemDefaultUILanguage
SetFileTime
WriteFile
LoadResource
MapViewOfFile
UnhandledExceptionFilter
ExpandEnvironmentStringsW
LoadLibraryExW
MultiByteToWideChar
RtlUnwind
CopyFileW
QueryPerformanceCounter
GetCurrentProcessId
SetFilePointer
GetSystemDirectoryW
UnmapViewOfFile
CloseHandle
GetLastError
CreateDirectoryW
lstrlenA
GetTickCount
GetProcAddress
GetFileAttributesW
WritePrivateProfileSectionW
GetFileSize
InterlockedCompareExchange
LocalAlloc
MulDiv
lstrcmpiA
CreateFileMappingW
FormatMessageW

ntdll

NtAllocateVirtualMemory
LdrLoadDll

setupapi

SetupInstallFromInfSectionW
SetupFindFirstLineW
SetupCloseInfFile
SetupCloseFileQueue
SetupOpenInfFileW
SetupCommitFileQueueW
SetupGetLineTextW
SetupSetDirectoryIdW
SetupQueueCopyW
SetupFindNextLine
SetupOpenAppendInfFileW
SetupDefaultQueueCallbackW
SetupGetStringFieldW
SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupTermDefaultQueueCallback

user32

UpdateWindow
GetWindowRect
GetDlgItem
EndDialog
GetDC
ShowWindow
CharUpperW
CharPrevW
GetDesktopWindow
CreateDialogParamW
CharNextW
GetDlgItemTextW
DispatchMessageW
SetWindowTextW
DestroyWindow
SetDlgItemTextW
DialogBoxParamW
SendDlgItemMessageW
IsWindow
ReleaseDC
CharNextA
OemToCharA
GetSystemMetrics
MessageBoxW
MsgWaitForMultipleObjects
LoadStringW
SendMessageW
MessageBeep
ExitWindowsEx
EnableWindow
SetWindowPos
PeekMessageW

mpr

WNetOpenEnumW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

AdjustTokenPrivileges
RegUnLoadKeyW
LookupPrivilegeValueW
AllocateAndInitializeSid
RegEnumValueW
RegCloseKey
GetTokenInformation
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
OpenProcessToken
RegFlushKey
RegCreateKeyExW
EqualSid
RegDeleteValueW
FreeSid
RegSaveKeyW
RegSetValueW
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegLoadKeyW

ole32

CoTaskMemFree
OleUninitialize
OleInitialize

shlwapi

PathFileExistsW
StrChrW
PathBuildRootW
PathRemoveFileSpecW
PathAddBackslashW
StrStrIW
PathAppendW
StrRChrW
PathCombineW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30604b40b1756462da05910479575241

Headers

File Characteristics

Imports

gdi32

msvcrt

kernel32

ntdll

setupapi

user32

mpr

version

advapi32

ole32

shlwapi

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 4KB - Virtual size: 936KB

.rsrc Size: 182KB - Virtual size: 181KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 4KB - Virtual size: 936KB

.rsrc
Size: 182KB - Virtual size: 181KB

.reloc
Size: 512B - Virtual size: 20B