56a641bfad6c5962fe06fb396da67849

General

Target

56a641bfad6c5962fe06fb396da67849
Size

74KB
MD5

56a641bfad6c5962fe06fb396da67849
SHA1

f6e7e59df740fb21354e933aafaa950107b28345
SHA256

6d2e40027a0db22b82188c5f2cd02452ad1c63eb66bb852ce314ca0040cbe923
SHA512

20c7058e69ae05862b28ce25bd37d4d25769e57e027645673d545a9ce34ba907f498a4b95df805b83782df81284976d406f30638681a9273585bff3705bd8f4c
SSDEEP

1536:9nUVYZ0mU35iDL0HXEtTlVmLksCjs9mN0S5e0Hjz:9nzamUIDYHo0LVKs9mHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56a641bfad6c5962fe06fb396da67849

Files

56a641bfad6c5962fe06fb396da67849
.exe windows:5 windows x86 arch:x86

d7bf2bd0b650637bdeaa873ec51947f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkW
GetModuleHandleA
BuildCommDCBW
_hread
SetWaitableTimer
FormatMessageW
SetWaitableTimer
GetUserDefaultLCID
IsBadHugeReadPtr
GetStartupInfoA
DebugActiveProcess
VirtualFree
SetConsoleCommandHistoryMode
SetConsoleKeyShortcuts
GetCommandLineA

gdi32

GetCharABCWidthsFloatW
GdiSetLastError
GetFontAssocStatus
GdiQueryFonts
EngDeleteSemaphore

advapi32

BuildImpersonateExplicitAccessWithNameA
AccessCheckByTypeAndAuditAlarmA
SetSecurityInfoExA
RegEnumValueA
ObjectPrivilegeAuditAlarmA
WmiSetSingleInstanceA
WmiQueryAllDataW
RegEnumValueA
CryptDestroyKey

ole32

StgOpenStorageOnILockBytes
CoFileTimeNow
OleRegEnumVerbs
IsValidPtrIn
SNB_UserMarshal
HWND_UserFree

user32

RegisterLogonProcess
CharPrevExA
SetUserObjectInformationW
DestroyCaret
MonitorFromWindow
EnumDisplaySettingsA
EnumPropsA
RegisterWindowMessageW

msvcrt

_mbclen
_CIlog10
_fstat64
_ismbblead
_open
isspace
_snprintf
iswctype
_wcsnicmp
_mbsupr

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7bf2bd0b650637bdeaa873ec51947f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

ole32

user32

msvcrt

Sections

.text Size: 70KB - Virtual size: 70KB

.data Size: 2KB - Virtual size: 121KB

.rsrc Size: 1024B - Virtual size: 780B

.text
Size: 70KB - Virtual size: 70KB

.data
Size: 2KB - Virtual size: 121KB

.rsrc
Size: 1024B - Virtual size: 780B