56f1ce8a5b93a11f55ebc053fded72a6

Sharing

Copy URL Twitter E-mail

General

Target

56f1ce8a5b93a11f55ebc053fded72a6
Size

421KB
MD5

56f1ce8a5b93a11f55ebc053fded72a6
SHA1

24eb2e794ee73f07641ab6fc2feb30cd0f12936c
SHA256

467616c26208ab9265bc55c7c6fa2a0f7742403b169347944ca4e1539389aa65
SHA512

03c9d8272f4d3d445879827f4add0786c3b5a0aab7ca220e357b7894649119b7ea68d88935827bc33572e826b858d1dae30cc00856bd4ba8fcea72c801514475
SSDEEP

6144:BkI5F2KntdZi2mXIou8zzhxRyxQLOh7+MJiHM1QjHcUPMOyfHnwihNrXDSZBM7MT:Gk5n3ZVByHF6NMtclwyHSgwdgmJQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56f1ce8a5b93a11f55ebc053fded72a6

Files

56f1ce8a5b93a11f55ebc053fded72a6
.exe windows:4 windows x86 arch:x86

c10bb5b53b1e4fd88c0c4c1a4e9eff60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableA
SHFileOperationW
SHBrowseForFolderW
SHEmptyRecycleBinA
RealShellExecuteW
ShellExecuteW
RealShellExecuteExA
SHBrowseForFolder

wininet

InternetCrackUrlA
InternetDialW
FindFirstUrlCacheEntryA
InternetCombineUrlA
InternetConnectA
UpdateUrlCacheContentPath
ReadUrlCacheEntryStream
InternetCreateUrlW
FindFirstUrlCacheEntryExW
SetUrlCacheConfigInfoA
FindFirstUrlCacheContainerA
GetUrlCacheGroupAttributeW
ShowSecurityInfo
InternetSecurityProtocolToStringA
GopherCreateLocatorA
GetUrlCacheEntryInfoExA
InternetCanonicalizeUrlW
FindNextUrlCacheGroup
SetUrlCacheHeaderData
InternetCheckConnectionW
CreateUrlCacheContainerW
InternetGetConnectedStateExA
UnlockUrlCacheEntryFileW

comdlg32

ChooseFontA
PrintDlgA
ReplaceTextA
GetSaveFileNameW
GetFileTitleA
PageSetupDlgW
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleW
ChooseFontW
PrintDlgW
PageSetupDlgA
FindTextW
ReplaceTextW
ChooseColorW
GetOpenFileNameW
LoadAlterBitmap

gdi32

SetBkMode
FrameRgn
CombineTransform
PolyPolyline
GetNearestPaletteIndex
DescribePixelFormat
SetPixelFormat

kernel32

ExitProcess
HeapReAlloc
GetModuleFileNameA
GetTickCount
RtlUnwind
GetComputerNameA
GetCurrentProcess
FindFirstFileW
GetConsoleCursorInfo
HeapFree
VirtualAlloc
HeapAlloc
QueryPerformanceCounter
VirtualQuery
MoveFileW
GetSystemTimeAsFileTime
GetDiskFreeSpaceW
GetTimeFormatW
CreateNamedPipeW
LocalFileTimeToFileTime
CreateMailslotW
OutputDebugStringW
TerminateProcess
GetCurrentProcessId
FileTimeToDosDateTime
GetModuleHandleA
WriteProfileSectionW
GetCurrentThreadId
CreateMailslotA
GetProcAddress
LoadLibraryA
InterlockedExchange
LocalUnlock
EnumDateFormatsExW

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c10bb5b53b1e4fd88c0c4c1a4e9eff60

Headers

File Characteristics

Imports

shell32

wininet

comdlg32

gdi32

kernel32

Sections

.text Size: 151KB - Virtual size: 151KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 151KB - Virtual size: 151KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 2KB - Virtual size: 1KB