56769c6e1b6ac408ab12768060775a4de73fc6fefacd14bd2783ce35372cd33d

Sharing

Copy URL Twitter E-mail

General

Target

56769c6e1b6ac408ab12768060775a4de73fc6fefacd14bd2783ce35372cd33d
Size

324KB
MD5

0e6f8bfbc057b4e4718f2c3a9195daa1
SHA1

d905645caa2570747de393af19f395a008e154d1
SHA256

56769c6e1b6ac408ab12768060775a4de73fc6fefacd14bd2783ce35372cd33d
SHA512

b3039aa861372204bacb469ed2a766b879beadda9dc0ea8889cadda977ac8bb308458580d8e1bdc92bb9110c825fab9e9f7a9dce1d9e7d9b99595a0a043acc39
SSDEEP

6144:KBraUjzS/3gC81gQ5yrfw+xiG4wnXCAPiGMA4e7Uonakj+GE:KpFzS/nKew5G4cqXeRakVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56769c6e1b6ac408ab12768060775a4de73fc6fefacd14bd2783ce35372cd33d

Files

56769c6e1b6ac408ab12768060775a4de73fc6fefacd14bd2783ce35372cd33d
.exe windows:5 windows x86 arch:x86

667a9c86a8275b5b47ff4f28898486d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

IsWindow
EnableMenuItem
MessageBoxW
CreateMDIWindowW
LoadMenuA
GetLastActivePopup
SetWindowLongW
ShowWindow
AnimateWindow
SetCursor

shell32

Shell_NotifyIconW
DragAcceptFiles
ExtractIconExA

kernel32

VirtualProtect
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemDirectoryW
GetStartupInfoW
GetCPInfo
GetConsoleWindow
GetLastError
lstrcmpiW
SetEvent
lstrcpyA
lstrcmpA
GetModuleHandleA
GetTickCount
CopyFileExA
UpdateResourceW
LockFileEx
DnsHostnameToComputerNameW
GetEnvironmentStringsW
SetFirmwareEnvironmentVariableW
SetCommMask
OpenJobObjectW
MapViewOfFileEx
SetCurrentDirectoryA
SetTimerQueueTimer
EnumCalendarInfoA
CreateSemaphoreW
SetProcessPriorityBoost
GetDriveTypeA
WaitForMultipleObjects
EnterCriticalSection
GetFileAttributesA
TryEnterCriticalSection
OpenEventA
ResetWriteWatch
GetCommConfig
CreateMailslotW
GetProcessId
GetAtomNameW
IsDebuggerPresent
CreateNamedPipeW
WriteConsoleOutputCharacterW
FindFirstVolumeMountPointW
ExpandEnvironmentStringsW
ReadConsoleInputW
GetFileSizeEx
WaitForDebugEvent
FillConsoleOutputAttribute
TerminateProcess
CreateDirectoryExA
CreateToolhelp32Snapshot
ReadConsoleOutputA
GetProcessShutdownParameters
EnumSystemCodePagesW
DebugActiveProcess
EnumResourceNamesA
LocalAlloc
HeapAlloc
GetPrivateProfileSectionNamesA
FlushConsoleInputBuffer
ScrollConsoleScreenBufferW
Thread32First
LoadResource
CompareStringA
MoveFileW
GetHandleInformation
GetStringTypeExA
EnumDateFormatsA
GetBinaryTypeW
CompareStringW
GetNumberOfConsoleInputEvents
CreateFileA
SetComputerNameW
FreeLibrary
GlobalMemoryStatus
ReadConsoleOutputW
PurgeComm
CreateFileW
ReleaseMutex
CopyFileExW
CallNamedPipeW
GlobalFindAtomA
GetNativeSystemInfo
EnumResourceLanguagesW
CreateMutexA
DisconnectNamedPipe
GetEnvironmentStrings
IsSystemResumeAutomatic
ZombifyActCtx
WriteProfileSectionW
GlobalAlloc
GetConsoleFontSize
WaitCommEvent
CancelTimerQueueTimer
GetSystemInfo
GetSystemTimeAsFileTime
WritePrivateProfileStructW
GetThreadTimes
Heap32ListFirst
FindFirstVolumeA
GetCurrencyFormatW
LocalFileTimeToFileTime
CreateDirectoryW
QueryDosDeviceW
GlobalFix
EnumSystemLocalesW
LocalFree
CreateActCtxA
GetLogicalDriveStringsA
GetVolumePathNamesForVolumeNameA
SetEnvironmentVariableA
FindClose
CreateSemaphoreA
VirtualQuery
CreateWaitableTimerA
SetStdHandle
SetFileAttributesW
SetConsoleCursorInfo
FileTimeToLocalFileTime
ReadProcessMemory
GetConsoleSelectionInfo
SetConsoleScreenBufferSize
FindFirstFileW
WritePrivateProfileStringA
LocalReAlloc
lstrcatW
CreateHardLinkA
InterlockedExchangeAdd
FindAtomA
WaitNamedPipeW
GlobalGetAtomNameW
AttachConsole
RequestDeviceWakeup
TransactNamedPipe
LoadLibraryA
InterlockedExchange
SetConsoleCtrlHandler
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CloseHandle
GetCommandLineA
GetVersionExA
GetLocaleInfoW
RaiseException
FreeEnvironmentStringsA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
OutputDebugStringW
CreateHardLinkW
GetTimeZoneInformation
FlushFileBuffers
WriteConsoleW
MultiByteToWideChar
DeleteFileA
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
OutputDebugStringA
GetACP
GetOEMCP
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
HeapFree
FatalAppExitA
ExitProcess
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetFilePointer
InitializeCriticalSection
GetModuleHandleW
RtlUnwind
ReadFile
LCMapStringA
LCMapStringW
Sleep
WriteConsoleA
GetConsoleOutputCP

pdh

PdhAddCounterA
PdhCollectQueryDataEx
PdhParseCounterPathW
PdhCloseQuery

mprapi

MprAdminConnectionClearStats
MprInfoBlockAdd
MprAdminDeviceEnum

clusapi

RemoveClusterResourceNode
GetClusterKey
ClusterRegSetValue
OpenCluster
ClusterResourceTypeCloseEnum
ClusterNodeControl
OfflineClusterResource

gdi32

SetEnhMetaFileBits
SetBkColor

oleaut32

VarCyFromI1
VarBoolFromI1

Sections

.text
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.imdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EODE
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

667a9c86a8275b5b47ff4f28898486d7

Headers

File Characteristics

Imports

user32

shell32

kernel32

pdh

mprapi

clusapi

gdi32

oleaut32

Sections

.text Size: 240KB - Virtual size: 238KB

.imdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 20KB

EODE Size: 32KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 225KB

.text
Size: 240KB - Virtual size: 238KB

.imdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 20KB

EODE
Size: 32KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 225KB