Static task: static1
Behavioral task: behavioral1
Sample: 55b33ad0a923455b500c7570e0782f7f6692c986075e0f5bd80e057dcdbd1c3d.exe
Resource: win7-20240221-en
General
Target: 55b33ad0a923455b500c7570e0782f7f6692c986075e0f5bd80e057dcdbd1c3d
Size: 1.1MB
MD5: 34f50bdd2ec8d758d43530011b47e600
SHA1: 0fd072c8947abe583d8c2f9e2299563cc83ebc2a
SHA256: 55b33ad0a923455b500c7570e0782f7f6692c986075e0f5bd80e057dcdbd1c3d
SHA512: 12b547152b95a6ac43d065d8b9f43f19c34d0e558ae5b04268c6cfc6fb7de181b57defc765ac30350681784cecbba22e4fd4dba15016e0ea541d89e14c95dd3c
SSDEEP: 12288:EMg6coXAIJKLwLSXlWhRFdO/hdEo5uh9qwZpH7BKrFjjZ5/yhRob7QrMmnEH4DnE:EMg6coPJKLwLBbFdOm+6RowrMH
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Processes: resource 55b33ad0a923455b500c7570e0782f7f6692c986075e0f5bd80e057dcdbd1c3d
Files
55b33ad0a923455b500c7570e0782f7f6692c986075e0f5bd80e057dcdbd1c3d.exe windows:4 windows x86 arch:x86
fb1c510994ee743d65eb009e997a2128
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
GetCommandLineA
RaiseException
ExitThread
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetPrivateProfileStringA
GetLastError
GetFileTime
InterlockedExchange
CreateMutexA
GetModuleFileNameA
SetLocalTime
GetPrivateProfileIntA
WinExec
Sleep
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
CreateDirectoryA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
FindClose
FindFirstFileA
MultiByteToWideChar
InterlockedDecrement
GetProfileStringA
GetFileAttributesA
GetFileSize
CreateFileA
CloseHandle
CreateThread
ReadFile
CreateProcessA
GetStartupInfoA
CreatePipe
TerminateProcess
WriteFile
SetEvent
CreateEventA
WaitForSingleObject
ResetEvent
WideCharToMultiByte
GetOverlappedResult
WaitCommEvent
PurgeComm
SetCommState
SetCommTimeouts
SetupComm
SetCommMask
GetCommState
ClearCommError
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GlobalLock
GetModuleHandleA
WritePrivateProfileStringA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SuspendThread
SetThreadPriority
ResumeThread
GlobalAlloc
lstrcmpA
GetCurrentThread
MulDiv
SetLastError
lstrcpynA
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
user32
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
PtInRect
GetDesktopWindow
CharUpperA
DestroyMenu
LoadStringA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
EnableWindow
RedrawWindow
SendMessageA
InvalidateRect
GetWindowRect
GetSysColor
UnregisterClassA
HideCaret
ShowCaret
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
SetWindowTextA
GetWindowTextA
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetClientRect
UpdateWindow
GetParent
DrawFocusRect
GetFocus
wsprintfA
LoadIconA
EnableMenuItem
GetSubMenu
GetMenuState
CheckMenuItem
GetMenu
AppendMenuA
GetClassNameA
GetSystemMenu
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
KillTimer
GetDlgCtrlID
TranslateMessage
DispatchMessageA
PeekMessageA
DrawMenuBar
ModifyMenuA
PostMessageA
OffsetRect
ReleaseDC
GetDC
SetRectEmpty
FillRect
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetWindowLongA
SetWindowLongA
MessageBoxA
IsRectEmpty
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
Rectangle
CreateCompatibleDC
GetTextExtentPointA
BitBlt
CreatePen
CreateDIBitmap
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
CoRevokeClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoCreateInstance
OleRun
StgOpenStorageOnILockBytes
olepro32
ord253
oleaut32
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
SysFreeString
SysAllocString
VariantClear
VariantCopy
GetErrorInfo
VariantInit
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wininet
InternetGetLastResponseInfoA
InternetOpenA
InternetCloseHandle
InternetSetStatusCallback
InternetConnectA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpGetFileA
ws2_32
WSACleanup
inet_ntoa
gethostbyname
WSAStartup
gethostname
Sections
.text Size: 760KB - Virtual size: 758KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 136KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE