556fcfc4ad73b3a7959a773fd4ffcf4ef1d840b2827b21528c2b9bf7ac1cf038

Sharing

Copy URL Twitter E-mail

General

Target

556fcfc4ad73b3a7959a773fd4ffcf4ef1d840b2827b21528c2b9bf7ac1cf038
Size

271KB
MD5

c07dffdfc6ebd858b3d81c53a41ee25a
SHA1

9b5224e5122968251b1b14924f6ac42d7730009e
SHA256

556fcfc4ad73b3a7959a773fd4ffcf4ef1d840b2827b21528c2b9bf7ac1cf038
SHA512

dbebab950a4ab500432dd1cc26db474520be1f9429c233603bac9a71c5e520b83fb1f82b4a9583db383ed4839d91fc40366241f0e613a2320e894e477fdcdd66
SSDEEP

3072:VOqrAFpcKQVdpdKb06+KCPNHud/0JrZ5OWM57tx9FMqnGHAE+zwxcgKei04YeqNC:dg+sb09xNHuEkhH9xGRJXR4Y/Nu9e6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556fcfc4ad73b3a7959a773fd4ffcf4ef1d840b2827b21528c2b9bf7ac1cf038

Files

556fcfc4ad73b3a7959a773fd4ffcf4ef1d840b2827b21528c2b9bf7ac1cf038
.dll windows:5 windows x86 arch:x86

0f0339e64e44c58e59f61c8d55d80a36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetSetOptionW

kernel32

InitializeCriticalSectionAndSpinCount
SetLastError
HeapAlloc
GetProcessHeap
HeapReAlloc
GetLastError
GlobalFree
HeapFree
VerSetConditionMask
VerifyVersionInfoW
GetVersionExW
GetSystemInfo
GetModuleHandleW
GetVersion
InterlockedDecrement
GetTickCount
Sleep
DeleteFileW
FreeLibrary
FindClose
WaitForSingleObject
LoadLibraryA
LocalAlloc
LocalFree
GetCurrentProcess
OpenProcess
TerminateProcess
IsWow64Process
RemoveDirectoryW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
FindNextFileW
FindFirstFileW
CloseHandle
CreateFileW
LoadLibraryW
GetProcAddress
MoveFileExW
GetTempPathW
GetFileAttributesW
GetModuleFileNameW
FindResourceExW
MultiByteToWideChar
LockResource
SizeofResource
LoadResource
FindResourceW
FlushFileBuffers
CreateProcessW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointerEx
SetFilePointer
ReadConsoleW
SetEndOfFile
GetConsoleMode
GetConsoleCP
GetFileType
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
HeapDestroy
HeapSize
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
InterlockedIncrement
EncodePointer
DecodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
ReadFile
GetCommandLineA
GetCurrentThreadId
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW

user32

FindWindowW
GetDesktopWindow

advapi32

ControlService
QueryServiceStatusEx
RegEnumKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryInfoKeyW
OpenServiceW
CloseServiceHandle
OpenSCManagerW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegOpenKeyExW
DeleteService

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoSetProxyBlanket
CoInitializeSecurity
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

winhttp

WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpReadData
WinHttpConnect

Exports

Exports

u

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f0339e64e44c58e59f61c8d55d80a36

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

winhttp

Exports

Exports

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 7KB - Virtual size: 18KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 38KB - Virtual size: 37KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 7KB - Virtual size: 18KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 38KB - Virtual size: 37KB