56c06552a8c5cc46fc9b2c7fa7dde97a | Triage

Sharing

General

Target

56c06552a8c5cc46fc9b2c7fa7dde97a
Size

360KB
MD5

56c06552a8c5cc46fc9b2c7fa7dde97a
SHA1

fe81997375e8753afa79509d88c7e6397e753c4b
SHA256

1fecc2687392feb3d4d899c20c5cc2b6864e76b5b75093b6dbdc932efee22fca
SHA512

033609ea62746f7763552dcd74ef04dc6b58ece6c3bce177f5509bde840067a3fa9cec3c2452781cd44640cf75f852c3f729a0d740ab11b74e4f64bfcb5ef9b5
SSDEEP

6144:Su90zMQezMYUWqhCHVKB4OYRVm3cBG0RXvRVu83SIpb6g42Z:qNNYrAKA3cBhR5Vu8vog4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56c06552a8c5cc46fc9b2c7fa7dde97a

Files

56c06552a8c5cc46fc9b2c7fa7dde97a
.exe windows:4 windows x86 arch:x86

5e27088a4d5fc655f9c0dcce62bbe40f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
QueryPerformanceCounter
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
LoadLibraryA
VirtualQuery
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
GetTickCount
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
EnumDateFormatsExA
RtlUnwind
ExitProcess
InterlockedExchange

gdi32

GetObjectType
GetKerningPairs
LineTo
CreateFontIndirectW
ExcludeClipRect
Arc
DescribePixelFormat
SetDeviceGammaRamp
EnumEnhMetaFile
GetCharABCWidthsA
SetFontEnumeration
GetMetaRgn
BitBlt
GetKerningPairsA
SetArcDirection
GetCharWidth32W
GetMetaFileBitsEx
Pie
GetAspectRatioFilterEx
DeleteEnhMetaFile
Ellipse
GetTextCharsetInfo
GetROP2
EnumFontFamiliesExW

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ