566f9e88a298838e15831835a03ba760

Sharing

Copy URL

Twitter E-mail

General

Target

566f9e88a298838e15831835a03ba760
Size

616KB
MD5

566f9e88a298838e15831835a03ba760
SHA1

126c7bf28e8a73bf7a7d37afb9aa172f205b9b09
SHA256

665fdaacf5b4d59dadb9e9898c0bbfab7187c8172a597e0fd6214ddd71f71fe4
SHA512

861efe0553f1a18a460944c2436775b06fd65322ce0f0f103a937a1e73dba75718d7d31f21c36ee012c7613d6c4f657bedcb105de3f38bbebced3e0432bfad94
SSDEEP

12288:tInlAE21whSRhHrn6Z6jyW42l7CwgevWd252TmuVzSpzyg:tInl92mo/Hr6ZUyB2l7CNrI0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
566f9e88a298838e15831835a03ba760

Files

566f9e88a298838e15831835a03ba760
.exe windows:4 windows x86 arch:x86

c6977199cc16a52e3e8b78e115cf5d5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetProcessHeap
GetProcAddress
InterlockedIncrement
UnhandledExceptionFilter
GetStringTypeA
GetConsoleCP
LCMapStringW
IsDebuggerPresent
FlushFileBuffers
CreateMutexA
WriteConsoleW
WriteConsoleA
EnterCriticalSection
GetLongPathNameA
SetStdHandle
GetConsoleMode
EnumSystemLocalesA
ExitProcess
Sleep
IsValidLocale
SetHandleCount
SetUnhandledExceptionFilter
HeapSize
GetLastError
WideCharToMultiByte
GetStdHandle
WriteFile
GetNumberFormatA
GetCurrentThreadId
RtlUnwind
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcess
CloseHandle
FreeLibrary
VirtualFree
GetModuleFileNameW
FreeEnvironmentStringsA
lstrcatW
GetConsoleOutputCP
VirtualAlloc
GetModuleFileNameA
GetCurrentProcessId
InterlockedExchange
SetEnvironmentVariableA
GetEnvironmentStringsW
GetFileType
LeaveCriticalSection
TerminateProcess
VirtualQuery
GetLocaleInfoA
MultiByteToWideChar
CompareStringW
GetStringTypeW
GetCPInfo
FreeEnvironmentStringsW
DeleteCriticalSection
CompareStringA
GetStartupInfoW
TlsFree
GetACP
GetOEMCP
InterlockedDecrement
TlsSetValue
ReadFile
GetCommandLineA
OpenMutexA
GetLocaleInfoW
SetLastError
GetTimeFormatA
GetDateFormatA
TlsAlloc
GetCurrentThread
GetTickCount
GetStartupInfoA
HeapAlloc
GetTimeZoneInformation
QueryPerformanceCounter
InitializeCriticalSection
HeapDestroy
GetEnvironmentStrings
HeapFree
GetVersionExA
SetConsoleCtrlHandler
SetFilePointer
TlsGetValue
LoadLibraryA
GetUserDefaultLCID
IsValidCodePage
WriteConsoleInputW
CreateFileA
GetEnvironmentStringsA
HeapCreate
GetModuleHandleA
LCMapStringA

comctl32

CreateUpDownControl
InitCommonControlsEx
ImageList_Copy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_SetFlags
ImageList_Add
ImageList_GetIcon
ImageList_DragMove

user32

DdeInitializeA
DefWindowProcA
RegisterClassA
SendMessageA
CreateIconFromResourceEx
GetDlgItem
GetMenuState
CreateDialogParamW
LoadCursorFromFileA
CreateWindowExW
DestroyWindow
DdeInitializeW
EditWndProc
OpenDesktopA
IsCharAlphaW
DdeFreeDataHandle
RegisterClassW
DefDlgProcW
SetWindowPlacement
CreateWindowStationA
GetCursor
DrawFrameControl
GetUpdateRgn
IsDialogMessageW
BroadcastSystemMessageW
DefMDIChildProcA
CharLowerBuffA
EndMenu
CloseClipboard
CharToOemBuffW
SetForegroundWindow
RegisterClassExA
PostMessageW
RegisterDeviceNotificationA
GetClassInfoW
GetProcessDefaultLayout
CopyAcceleratorTableA
ReplyMessage
GetWindowTextA
MessageBoxA
RemovePropA
CreateDialogIndirectParamA
ShowWindow
PostQuitMessage

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6977199cc16a52e3e8b78e115cf5d5e

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 52KB - Virtual size: 50KB