55b061bda51a93482f23a5be7a6edc7c[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

55b061bda51a93482f23a5be7a6edc7c.exe
Size

333KB
MD5

55b061bda51a93482f23a5be7a6edc7c
SHA1

57dc8d8ba4402338e27a3c46e4a9e076a8a667f6
SHA256

0d9ec88b38a60941ac5daad7336d2133c030b197398c4eda97f8fcf30a093e25
SHA512

4fa55cab96669da7d410aa6e6ccb410877d4ec14f61032f006ea9086ad96691768b94988e69174481d889a45396ddf20bf4c64555f3e12cf58c89c3bb4a98da2
SSDEEP

6144:D1Z/AqYMA+0l3hlk6QZU1uYgB6/H8IYoh8SO4bIJR5gEm:D1VHYMAt37k1Ukd6AoqBVgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55b061bda51a93482f23a5be7a6edc7c.exe

Files

55b061bda51a93482f23a5be7a6edc7c.exe
.exe windows:6 windows x64 arch:x64

ed505f1b24c780f3dbb8e67a11a30436

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\msstudiotest1\trypython37_xgb_handcpp\x64\Release\ConsoleApplication2.pdb

Imports

kernel32

CloseHandle
ReadFile
CancelIo
WriteFile
DeviceIoControl
WaitForSingleObject
CreateEventW
FormatMessageW
CreateFileA
LoadLibraryA
ResetEvent
GetOverlappedResult
GetProcAddress
LocalFree
FreeLibrary
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
GetCurrentProcessId
GetModuleHandleW
FindFirstFileW
GetModuleFileNameW
FindClose
CreateFileW
GetDriveTypeW
SetWaitableTimer
CreateWaitableTimerW
CreateThread
WideCharToMultiByte
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
Sleep
HeapFree
GetConsoleMode
GetConsoleOutputCP
RtlUnwind
FlushFileBuffers
GetFileType
SetFilePointerEx
GetFileSizeEx
GetCommandLineW
GetCommandLineA
InitOnceExecuteOnce
QueryPerformanceCounter
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
EncodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleHandleExW
ExitProcess
GetStdHandle

user32

wsprintfW

advapi32

AllocateAndInitializeSid
FreeSid
CheckTokenMembership
CreateServiceW
CloseServiceHandle
OpenSCManagerW
DeleteService
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW

shell32

ShellExecuteExW

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

Exports

Exports

hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed505f1b24c780f3dbb8e67a11a30436

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

setupapi

Exports

Exports

Sections

.text Size: 225KB - Virtual size: 224KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 5KB - Virtual size: 14KB

.pdata Size: 12KB - Virtual size: 11KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 225KB - Virtual size: 224KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 5KB - Virtual size: 14KB

.pdata
Size: 12KB - Virtual size: 11KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 2KB