56e603c5f132e297014a11cba64b61e9

Sharing

Copy URL Twitter E-mail

General

Target

56e603c5f132e297014a11cba64b61e9
Size

652KB
MD5

56e603c5f132e297014a11cba64b61e9
SHA1

6ced1b6dfc52c1c3d32e6a7536cd17d11c0e27da
SHA256

cb7f5610d0ec462f3da43c2fedecf1efde75cda18e4a50a0c7f42d6a6c51990d
SHA512

7398af6a6d964248e051316ed08cbfc9712085146b1f722122b16f03b55d526d9c422cfe2d2a8124f154426e6234bf86312ddcdc77c6fc6a0d3bfab1b215d59b
SSDEEP

12288:dx7pESeLIeoW8mkum7zDlikEF+AQ7DNR:dx7CSesI8mRsliXADN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56e603c5f132e297014a11cba64b61e9

Files

56e603c5f132e297014a11cba64b61e9
.exe windows:4 windows x86 arch:x86

d61af03ffb1bda8900e1f47b46982e02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetCrackUrlA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetConnectA
InternetCheckConnectionA
InternetSetCookieA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

FindResourceExA
GetLastError
CloseHandle
CreateFileA
ReadFile
GetFileSize
InterlockedIncrement
WideCharToMultiByte
DeleteFileA
InterlockedDecrement
CreateProcessA
GetCurrentProcessId
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetEvent
CreateEventA
FreeLibrary
LoadLibraryA
CreateMutexA
SetCurrentDirectoryA
WaitForSingleObject
OpenProcess
GetProcAddress
GetTickCount
MultiByteToWideChar
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
GetCurrentThreadId
RaiseException
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrlenW
WriteFile
CreateDirectoryA
FreeResource
SetErrorMode
lstrcmpA
MulDiv
GlobalFree
GlobalHandle
GetModuleHandleA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
FindAtomA
lstrcpyA
FindNextFileA
FindClose
FindFirstFileA
Sleep
InterlockedExchange
CompareStringA
CompareStringW
FindResourceA
lstrcpynA
HeapSize
HeapWalk
GetProcessHeaps
GetVersionExA
SetFilePointer
LocalFree
FormatMessageA
GetCurrentDirectoryA
FileTimeToSystemTime
SystemTimeToFileTime
GetComputerNameA
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
FlushFileBuffers
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetFullPathNameA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
CreateThread
ResumeThread
ExitThread
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
LocalAlloc
HeapCreate
LoadResource
LockResource
SizeofResource
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsFree
ExitProcess
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter

user32

CloseDesktop
OpenDesktopA
GetWindowPlacement
EqualRect
CopyRect
IntersectRect
OffsetRect
InflateRect
PtInRect
IsRectEmpty
SetActiveWindow
PostQuitMessage
SetTimer
CreateDialogIndirectParamA
DialogBoxIndirectParamA
InvalidateRgn
InvalidateRect
ScreenToClient
ClientToScreen
CreateAcceleratorTableA
GetDC
GetDesktopWindow
FindWindowA
GetForegroundWindow
SetRectEmpty
EnumWindows
ReleaseDC
CharNextA
GetClassNameA
RedrawWindow
IsWindow
BeginPaint
FillRect
EndPaint
SetFocus
GetSysColor
DestroyAcceleratorTable
SetRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SystemParametersInfoA
GetClientRect
MapWindowPoints
IsDialogMessageA
GetDlgItem
IsChild
KillTimer
ShowWindow
UpdateWindow
GetWindowRect
SetWindowPos
MoveWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
MonitorFromPoint
GetMonitorInfoA
DestroyMenu
MapDialogRect
TrackPopupMenu
GetSubMenu
LoadMenuA
GetFocus
GetParent
SendMessageA
GetWindow
DestroyWindow
EndDialog
CreateDialogParamA
DefWindowProcA
MessageBoxA
SetForegroundWindow
DestroyIcon
GetSystemMetrics
LoadImageA
ReleaseCapture
GetCursorPos
SetCapture
PostMessageA
GetActiveWindow
UnregisterClassA
SetWindowContextHelpId

gdi32

BitBlt
SelectObject
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey

shell32

SHAppBarMessage
ShellExecuteExA
Shell_NotifyIconA

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoFreeUnusedLibraries
CoUninitialize

oleaut32

SysFreeString
SysAllocStringLen
DispCallFunc
VariantInit
VariantClear
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysStringByteLen
OleCreateFontIndirect
VarUI4FromStr
VarBstrCmp
SysAllocStringByteLen
VariantChangeType
GetErrorInfo
SysAllocString

urlmon

CoInternetGetSession

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d61af03ffb1bda8900e1f47b46982e02

Headers

File Characteristics

Imports

wininet

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 17KB - Virtual size: 31KB

.rsrc Size: 272KB - Virtual size: 272KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 17KB - Virtual size: 31KB

.rsrc
Size: 272KB - Virtual size: 272KB