56375c7be15cce862324a330937fedee

Sharing

Copy URL Twitter E-mail

General

Target

56375c7be15cce862324a330937fedee
Size

179KB
MD5

56375c7be15cce862324a330937fedee
SHA1

c47c1ff5198df2d9afb6d87d5ee73aacef360092
SHA256

9f68b96ef9dc37c7fa5cad17f39c2f2f018823c7d727fde610f9d854e50f4850
SHA512

ff9f74c9ee199d35e6a6589b7363df16941bdfb6a37d493f28d9b0966496086f0468fa5ffd963f5a09a82c1ef6ccf97b802db90d4742dcf32e7031c9a1bca94e
SSDEEP

3072:0iC3lCUe2JjcmqpDSI8bPyYbI6Tu17nUeKskFG9u4qLcyYd:MPe2JjD5bKYc6+YeKJgyi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56375c7be15cce862324a330937fedee

Files

56375c7be15cce862324a330937fedee
.exe windows:4 windows x86 arch:x86

0579d80ca22c912f102f65d838c04707

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegQueryValueW
RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

shlwapi

PathIsUNCW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathAppendW

kernel32

GetFileAttributesW
lstrcpyW
SetFilePointer
GetCalendarInfoW
CreateFileW
MultiByteToWideChar
SystemTimeToFileTime
FindFirstFileW
LocalFileTimeToFileTime
GetCurrentProcessId
FindNextFileW
GetThreadContext
GetLocaleInfoW
FindClose
SetFileTime
WideCharToMultiByte
InterlockedDecrement
LoadLibraryW
GetVersion
EnumResourceNamesA
ExitProcess
ConvertDefaultLocale
GetModuleFileNameW
EnumResourceLanguagesW
GetSystemDefaultLangID
DeleteFileW
WriteFile
RemoveDirectoryW
MoveFileW
GetCurrentDirectoryW
ReadFile
CreateDirectoryW
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

CopyAcceleratorTableW
SendDlgItemMessageA
MessageBeep
IsRectEmpty
GetPropW
RemovePropW
CharUpperW
InvalidateRect
CreateWindowExW
RegisterWindowMessageW
CharNextW
GetClassInfoExW
WinHelpW
GetNextDlgTabItem
SetPropW
GetNextDlgGroupItem
GetClassLongW
InvalidateRgn
SetRect
DestroyMenu

ole32

CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoUninitialize
OleUninitialize
CoTaskMemAlloc
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
CoInitialize
OleInitialize
CoRevokeClassObject
CLSIDFromProgID
CoTaskMemFree
CoCreateInstance
CLSIDFromString

gdi32

PtVisible
SetViewportOrgEx
GetMapMode
RectVisible
OffsetViewportOrgEx
ScaleWindowExtEx
ExtSelectClipRgn
GetTextColor
DeleteDC
GetStockObject
GetBkColor
Escape
SetWindowExtEx
TextOutW
GetDeviceCaps
ScaleViewportExtEx
SelectObject
ExtTextOutW
GetRgnBox

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0579d80ca22c912f102f65d838c04707

Headers

File Characteristics

Imports

oleacc

advapi32

shlwapi

kernel32

shell32

user32

ole32

gdi32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB