c56f18810659649ada00475e18623fbb

General

Target

c56f18810659649ada00475e18623fbb
Size

336KB
MD5

c56f18810659649ada00475e18623fbb
SHA1

50fceb44026e52ed37a9efdd9811e69566b49e77
SHA256

93f9c32434b83b64b27be8e5cb8fa805d145f001054005d49b9bed86deee0fd7
SHA512

5ec74e2086e67738ba17ad3be67179930e0da2fae1946d5102180d510fdafd508d57043e1f905d6a3d8727748699cf11bef5dab233f616662434db4cf05799b1
SSDEEP

6144:1nQoeN6wd+5AZuO+8htcdvYMu6XDsAhzVEBt/rG4Y+Iq3JHv:1nVkimhtcdYMgAZyLnp3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c56f18810659649ada00475e18623fbb

Files

c56f18810659649ada00475e18623fbb
.dll windows:4 windows x86 arch:x86

61a3ce6764bacb6a8270496d7461cbcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileWithProgressA
LocalReAlloc
OpenFileMappingA
GetUserDefaultLangID
GlobalSize
HeapCreate
_lcreat
GetConsoleWindow
ConnectNamedPipe
WriteConsoleOutputAttribute
GetAtomNameA
SearchPathA
CreateSemaphoreA
FlushConsoleInputBuffer
SetLocalPrimaryComputerNameA
LCMapStringA
GetWindowsDirectoryA
ReadConsoleInputA
SetCurrentDirectoryA
GetCommProperties
GetCurrentProcessId
ExpandEnvironmentStringsA
DuplicateConsoleHandle
EnumUILanguagesA
FindNextFileA
WaitForMultipleObjects
GetComputerNameA
GetFileSize
FillConsoleOutputAttribute
GetComputerNameExA
lstrcpyn
GetCurrentThread
WriteConsoleInputA
SetFilePointer
ReadConsoleA
SetVolumeMountPointA
WriteConsoleA
GetFileAttributesExA
GetModuleHandleA
GetFullPathNameA
GetDefaultCommConfigA
GetCalendarInfoA
LZClose
IsBadCodePtr
CreateNamedPipeA
HeapDestroy
CreateFileMappingA
HeapReAlloc
SetFilePointer
EnumSystemLocalesA
GetDriveTypeA
WriteFileGather
GetPrivateProfileSectionNamesA
GetDiskFreeSpaceA
CancelWaitableTimer
TransmitCommChar
SetPriorityClass
TermsrvAppInstallMode
GetStdHandle
GetProcessHeap
VirtualAlloc
ReadFileScatter
GetSystemDefaultLangID
LZStart
SetConsoleTitleA
GetCommModemStatus
OpenEventA
GetConsoleMode
GetExpandedNameA
OpenWaitableTimerA
EnumResourceNamesA
ShowConsoleCursor

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61a3ce6764bacb6a8270496d7461cbcc

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.idata Size: - Virtual size: 2KB

.text Size: 324KB - Virtual size: 324KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 2KB

.text
Size: 324KB - Virtual size: 324KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB