560eebe0a670be903799bc4255765b37

Sharing

Copy URL Twitter E-mail

General

Target

560eebe0a670be903799bc4255765b37
Size

602KB
MD5

560eebe0a670be903799bc4255765b37
SHA1

64f1dda09fafb1647e42a6bd7ff3417ad40dc45f
SHA256

8f6052d34db6f61ca60a72b33c0a2f34d6865e131a6aeb1778ef926658c3d9f4
SHA512

88d6638bbe617c87cd8200f9fb9394b256c8a4ae4d5972e5bc2c19624aaefc5a35d54a0d5e9cd63aaf1345d6a038ceaf6a89871cdb7d3022f53323eee8fe7e69
SSDEEP

12288:kNwYeYiRJtVUc4CplYEFn4CnwdMzinWk0K+6E:bY1iRnxnplYEV4CnyaYWbK+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
560eebe0a670be903799bc4255765b37

Files

560eebe0a670be903799bc4255765b37
.exe windows:4 windows x86 arch:x86

44d503a1f87ac90f4ecb15fba119cc6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA

user32

DefWindowProcW
CreateWindowExA
SwitchToThisWindow
PeekMessageA
GetClassLongW
SetThreadDesktop
MessageBoxA
RemovePropW
ShowWindow
RegisterClassExA
RegisterClassA
DestroyWindow
ReleaseCapture

kernel32

LoadLibraryA
SetCriticalSectionSpinCount
GetUserDefaultLCID
GetFileType
TlsFree
GetLastError
WriteConsoleOutputCharacterW
OpenFileMappingW
lstrcmpW
UnhandledExceptionFilter
WideCharToMultiByte
GetVersionExA
GetModuleHandleA
GetLocaleInfoW
HeapCreate
SetHandleCount
GetPrivateProfileStructW
EnumSystemLocalesA
GetOEMCP
FlushFileBuffers
GetNumberFormatW
SetStdHandle
IsValidCodePage
TlsAlloc
IsBadWritePtr
GetSystemTimeAsFileTime
GetLocaleInfoA
InitializeCriticalSection
MapViewOfFileEx
GetCurrentProcess
VirtualQuery
GetStartupInfoA
SetFilePointer
GetPrivateProfileSectionA
HeapAlloc
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
VirtualAlloc
HeapReAlloc
CreateMutexA
GetEnvironmentStrings
WriteFile
LCMapStringA
TlsGetValue
DebugBreak
SetThreadAffinityMask
IsValidLocale
GetTimeZoneInformation
SetEnvironmentVariableA
SetLastError
VirtualFree
VirtualProtect
SetTimeZoneInformation
GetProcAddress
LCMapStringW
ExitProcess
HeapSize
GetDateFormatA
GetACP
ExpandEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
GetNamedPipeHandleStateA
GetStringTypeExA
GetCurrentThreadId
CreateFileW
GetTickCount
LeaveCriticalSection
CompareStringW
EnterCriticalSection
GetEnvironmentStringsW
OpenMutexA
ReadFile
QueryPerformanceCounter
TerminateProcess
InterlockedExchange
HeapFree
HeapDestroy
GetSystemInfo
MultiByteToWideChar
GetCurrentThread
CompareStringA
GetModuleFileNameA
GetStringTypeW
GetCurrentProcessId
GetStringTypeA
TlsSetValue
CloseHandle
GetStdHandle
GetTimeFormatA
EnumCalendarInfoExW
GlobalReAlloc
GetCPInfo
SetVolumeLabelW
DeleteCriticalSection
EnumCalendarInfoExA

comctl32

ImageList_SetFilter
InitCommonControlsEx
CreatePropertySheetPage
ImageList_BeginDrag
ImageList_Replace
ImageList_SetFlags
DrawStatusTextA
CreateStatusWindow
CreateToolbar
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Write
CreatePropertySheetPageA
ImageList_LoadImage
DrawStatusText
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_GetDragImage
CreateToolbarEx

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44d503a1f87ac90f4ecb15fba119cc6b

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

comctl32

Sections

.text Size: 308KB - Virtual size: 308KB

.rdata Size: 72KB - Virtual size: 82KB

.data Size: 111KB - Virtual size: 110KB

.rsrc Size: 109KB - Virtual size: 109KB

.text
Size: 308KB - Virtual size: 308KB

.rdata
Size: 72KB - Virtual size: 82KB

.data
Size: 111KB - Virtual size: 110KB

.rsrc
Size: 109KB - Virtual size: 109KB