56f369ff83bda2ef318f676ee7e7d706

Sharing

Copy URL Twitter E-mail

General

Target

56f369ff83bda2ef318f676ee7e7d706
Size

575KB
MD5

56f369ff83bda2ef318f676ee7e7d706
SHA1

9aa6eaf65dca16e09ea573cdfa96aecfd8f5e361
SHA256

390cd4f6523d058155141046881171c35640f4d5a3d22b299edebe02273b8ee9
SHA512

31134229a23d480bec1711865a481e161e6957041bc3c9d91bb4ba8bfdf30b95c808e6db0e0727a1af1a89d21d8d265a28dddb2845d124a75c9f8808c44ab904
SSDEEP

12288:ifXc9MuwgK/C7zyZX438iPjVUDmn9IH/4SnL5iSLD7x:oXc9NwgK/gyp4/bIf4uL5iS37x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56f369ff83bda2ef318f676ee7e7d706

Files

56f369ff83bda2ef318f676ee7e7d706
.exe windows:4 windows x86 arch:x86

ae12b44059ead2d0456562942f4019d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
GetSaveFileNameA
ReplaceTextW

user32

GetClassInfoW
RegisterClassExA
CheckMenuRadioItem
SetForegroundWindow
SendMessageTimeoutA
RegisterClassA
ChangeMenuW
FrameRect
DefWindowProcW
SendNotifyMessageW
DefMDIChildProcA
SetMenuItemInfoA
CreateAcceleratorTableW
DrawStateW
DrawTextExA
SetDlgItemTextW
ShowWindow
DrawStateA
CreateWindowExA
DdeClientTransaction
GetMessagePos
RemovePropA
LoadBitmapA
DestroyWindow
ReleaseCapture
DrawAnimatedRects
SetMenuContextHelpId
HideCaret
DdeSetUserHandle
MessageBoxA
CreateIconIndirect
InvertRect

shell32

SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHFileOperationW
InternalExtractIconListA
DuplicateIcon

comctl32

CreateStatusWindowW
ImageList_Write
ImageList_SetImageCount
ImageList_SetFlags
ImageList_GetIcon
ImageList_EndDrag
InitCommonControlsEx
ImageList_SetIconSize
ImageList_DrawEx
ImageList_Read
ImageList_DragMove
ImageList_Destroy
ImageList_GetFlags
ImageList_LoadImage

kernel32

TlsSetValue
GetTempFileNameW
WriteConsoleA
VirtualUnlock
GetCompressedFileSizeA
SetEnvironmentVariableA
GetCurrentThread
GetTimeFormatA
GetSystemTimeAsFileTime
GetCurrentProcess
InterlockedExchange
HeapCreate
HeapSize
GetDateFormatA
GetShortPathNameA
RemoveDirectoryA
IsValidLocale
TlsAlloc
LCMapStringW
GetThreadTimes
GetProcAddress
HeapReAlloc
CreateDirectoryA
SetHandleCount
lstrcat
SetLastError
FindResourceW
OpenEventW
Sleep
GetLastError
GetFileType
GetVersion
WaitForMultipleObjects
FreeEnvironmentStringsA
TlsGetValue
FormatMessageA
GetStringTypeA
VirtualProtect
FileTimeToLocalFileTime
InitializeCriticalSection
GetLocaleInfoA
CreateProcessW
GetCommandLineA
MoveFileW
LoadLibraryA
TlsFree
LocalShrink
GetModuleHandleA
GetUserDefaultLangID
IsBadWritePtr
WritePrivateProfileSectionA
RemoveDirectoryW
SetFilePointer
GetLocaleInfoW
SetFileAttributesW
GetStartupInfoA
VirtualFree
GetNumberFormatW
LocalAlloc
DeleteCriticalSection
CreateFileMappingA
GetMailslotInfo
ResetEvent
UnhandledExceptionFilter
OpenMutexA
CompareStringA
FreeEnvironmentStringsW
GetStringTypeW
VirtualQuery
GetWindowsDirectoryW
HeapFree
HeapDestroy
GetCurrentThreadId
GetOEMCP
GetTimeZoneInformation
CreateMutexW
WaitForSingleObject
GetModuleFileNameA
GetTickCount
HeapAlloc
LCMapStringA
FlushInstructionCache
QueryPerformanceCounter
FindResourceExW
LeaveCriticalSection
DeleteFiber
WriteFile
SetConsoleWindowInfo
GetUserDefaultLCID
lstrcatW
GetACP
FindAtomA
GetVersionExA
GetCurrentProcessId
EnumSystemLocalesA
WideCharToMultiByte
CloseHandle
CreateMutexA
GetEnvironmentStrings
GetVersionExW
MultiByteToWideChar
LockResource
GetSystemDirectoryW
CompareStringW
VirtualAlloc
FlushFileBuffers
EnterCriticalSection
GetEnvironmentStringsW
ReadFile
RtlUnwind
FillConsoleOutputCharacterW
GetCPInfo
GetConsoleCursorInfo
GetSystemInfo
ConnectNamedPipe
SetStdHandle
TerminateProcess
GetStdHandle
IsValidCodePage
SetConsoleScreenBufferSize
ExitProcess

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae12b44059ead2d0456562942f4019d4

Headers

File Characteristics

Imports

comdlg32

user32

shell32

comctl32

kernel32

Sections

.text Size: 189KB - Virtual size: 189KB

.rdata Size: 266KB - Virtual size: 265KB

.data Size: 109KB - Virtual size: 140KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 189KB - Virtual size: 189KB

.rdata
Size: 266KB - Virtual size: 265KB

.data
Size: 109KB - Virtual size: 140KB

.rsrc
Size: 9KB - Virtual size: 9KB