56f5ded1e465d86726d68493f1fd2b2d

General

Target

56f5ded1e465d86726d68493f1fd2b2d
Size

139KB
MD5

56f5ded1e465d86726d68493f1fd2b2d
SHA1

fd9ee8bf3d6df9c7bbb2c1dc08bef54b03b8fd39
SHA256

c90c778e81da70bb84351a55c3af0b7cb661edcebb7b71b31e81ca5fb63db5d3
SHA512

f53c4e5b75c27f034a767073a344a3831f46d2d54f87cb1118742a568cfd47fb5076dbeda610377222ceaf89004ed78b204d24f6235be4e20604aa2cd2923457
SSDEEP

3072:8bQcWr5DNp5BfHTG9o1FOFMwWWpTqcNxWmC:0983HfzGivOFMwbTrxWmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56f5ded1e465d86726d68493f1fd2b2d

Files

56f5ded1e465d86726d68493f1fd2b2d
.exe windows:5 windows x86 arch:x86

59fcc53c13782c0b83ad9e85c640aa6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetACP
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCurrentProcessId
lstrlenA
HeapAlloc
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
HeapReAlloc
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleHandleA
GetLastError
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

shlwapi

wnsprintfA

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59fcc53c13782c0b83ad9e85c640aa6a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 5KB - Virtual size: 4KB