56a071a0d5fe469e92237e62a2567e05

Sharing

Copy URL Twitter E-mail

General

Target

56a071a0d5fe469e92237e62a2567e05
Size

645KB
MD5

56a071a0d5fe469e92237e62a2567e05
SHA1

d258cfec9955524af6901c4f81856f09b5f3d1e0
SHA256

0ccbb8890e7f9c3e63928e46563c472eec59b7d3887c686fed399fa98fb8d514
SHA512

f68e7ae583edb1baac69a1a30d6631f910aa33eb28efb01bc13033414e49d37087caf8ac2f515edde28d39a01aaf9863f11bd305a2cbbc5207e9b46cd8e888ab
SSDEEP

12288:CzdY/LSspsh7RfbS5YeHcD6bNuLAseZL29KPmPfssN39:a4Vsh7RDSipqNCqaAQfssN39

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56a071a0d5fe469e92237e62a2567e05

Files

56a071a0d5fe469e92237e62a2567e05
.exe windows:4 windows x86 arch:x86

22fbba5601e10c7eee36722322bd4e80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGoOnlineA
CreateUrlCacheEntryA
InternetReadFile
InternetReadFileExA
InternetGetConnectedStateExA
FtpFindFirstFileA
InternetQueryOptionW

user32

GetMenuContextHelpId
CreateCaret
LoadCursorFromFileA
GetLastActivePopup
GetClientRect
RemovePropA
GetSysColor
DlgDirListComboBoxA
DdeAddData
GetAsyncKeyState
LoadStringA
OemKeyScan
GetInputDesktop
EnumDisplaySettingsExA
ValidateRect
DrawFrameControl
SetWindowTextW
DefFrameProcA
DefWindowProcW
EnumWindows
GetWindowDC
InvalidateRgn
EnumClipboardFormats
RegisterClassA
DrawTextExW
InternalGetWindowText
GetClipboardSequenceNumber
InsertMenuW
FrameRect
ScrollWindowEx
SendDlgItemMessageW
GetClassLongW
GetWindowTextA
CreateWindowExA
RegisterClassExA
DestroyWindow
CharNextW
SetKeyboardState
PostThreadMessageW
OpenClipboard
CharUpperBuffA
SendInput
CreateMDIWindowA
CloseWindow
CharUpperBuffW
PaintDesktop
GetUserObjectInformationW
DefMDIChildProcW
MsgWaitForMultipleObjectsEx
InvalidateRect
ShowWindow
GetMenuCheckMarkDimensions
WindowFromDC
ScrollDC
SetClassLongA
SetCursorPos
MessageBoxW
SetDlgItemInt
DialogBoxIndirectParamW
SetWindowPos
UnregisterClassW
GetThreadDesktop
RedrawWindow
CharLowerBuffW

comctl32

ImageList_Copy
ImageList_GetIconSize
ImageList_GetIcon
CreatePropertySheetPage
ImageList_SetImageCount
CreatePropertySheetPageW
ImageList_EndDrag
InitCommonControlsEx

advapi32

RegEnumKeyW
RegDeleteValueW
CryptDuplicateHash
RegCreateKeyExW

gdi32

GetOutlineTextMetricsA
CreateDIBitmap

kernel32

GetFileType
FreeEnvironmentStringsA
GetStartupInfoA
LoadLibraryW
GetStringTypeA
GetStdHandle
FormatMessageA
GetCurrentThread
VirtualProtect
GetSystemInfo
InitializeCriticalSection
SetFilePointer
GetDateFormatA
GetVersionExA
WideCharToMultiByte
ReadFile
GetACP
RtlUnwind
MultiByteToWideChar
TerminateProcess
VirtualAlloc
GetTimeZoneInformation
SetHandleCount
GetModuleHandleA
HeapAlloc
CloseHandle
GetModuleFileNameA
CopyFileA
GetOEMCP
HeapDestroy
IsBadWritePtr
GetLocaleInfoW
LCMapStringW
GetCommandLineW
TlsAlloc
TlsSetValue
GetPrivateProfileSectionA
GetLocalTime
GetDiskFreeSpaceExA
GetCommandLineA
GetProcAddress
GetCurrentProcess
TlsFree
GetCompressedFileSizeW
SetStdHandle
HeapFree
GetEnvironmentStrings
SetThreadContext
FreeEnvironmentStringsW
GetUserDefaultLCID
CompareStringA
RaiseException
GetLogicalDriveStringsA
FoldStringA
EnterCriticalSection
GetCurrentProcessId
GetSystemTimeAsFileTime
IsValidCodePage
GetTimeFormatA
ExitProcess
LockFileEx
EnumSystemLocalesA
CreateMutexA
FindFirstFileExA
EnumCalendarInfoExW
WriteProfileStringW
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameW
VirtualQuery
LCMapStringA
LockResource
EnumResourceLanguagesW
FindNextChangeNotification
LeaveCriticalSection
GetCPInfo
GetTickCount
HeapCreate
WriteFile
HeapReAlloc
GetLastError
GetEnvironmentStringsW
GetCurrentDirectoryA
QueryPerformanceCounter
VirtualFree
GetStringTypeW
CompareStringW
OpenMutexA
FlushFileBuffers
lstrcatA
InterlockedExchange
LoadLibraryA
SetLastError
GetLocaleInfoA
UnhandledExceptionFilter
TlsGetValue
SetConsoleCP
HeapSize
FlushConsoleInputBuffer
SetEnvironmentVariableA
IsValidLocale

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22fbba5601e10c7eee36722322bd4e80

Headers

File Characteristics

Imports

wininet

user32

comctl32

advapi32

gdi32

kernel32

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 108KB - Virtual size: 120KB

.rsrc Size: 53KB - Virtual size: 53KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 108KB - Virtual size: 120KB

.rsrc
Size: 53KB - Virtual size: 53KB