55a2939df6865e43b0df3a8b521ef783a2f8f6b6dc58c08d4e1a0fd7bfd3d989[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

55a2939df6865e43b0df3a8b521ef783a2f8f6b6dc58c08d4e1a0fd7bfd3d989.exe
Size

1.2MB
MD5

be1037199eae55a14d1d84c99450b2db
SHA1

8164ee2c1461a5bb12e17b48a796d3e9f384fe27
SHA256

55a2939df6865e43b0df3a8b521ef783a2f8f6b6dc58c08d4e1a0fd7bfd3d989
SHA512

4becb1eefde983c71ff22a9a7f1386dd056f5b0015db767a205da9a5ee963eaf2df12b92f828552248ef280e92b890a6c06be975632ff8ecbd6738881fe402ed
SSDEEP

24576:zrg/n2HEsaiXrRBwtYnOYn0BhDb6bolvx:zrg/n3sai9BXnL0LDb6bo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55a2939df6865e43b0df3a8b521ef783a2f8f6b6dc58c08d4e1a0fd7bfd3d989.exe

Files

55a2939df6865e43b0df3a8b521ef783a2f8f6b6dc58c08d4e1a0fd7bfd3d989.exe
.dll windows:6 windows x64 arch:x64

e3af53f9b2e16ba302827a1bb1217795

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ExitThread
MultiByteToWideChar
GetFileSizeEx
lstrcmpiW
CloseHandle
LocalFree
PeekNamedPipe
CreateProcessW
GetCurrentProcess
WaitForSingleObject
SetEvent
CreateNamedPipeW
TerminateThread
ReadFile
TerminateProcess
GetLastError
CreateEventW
WaitForMultipleObjects
CreatePipe
GetCurrentThreadId
DuplicateHandle
CreateThread
GetModuleHandleExW
SetConsoleMode
GetConsoleMode
GetStdHandle
GetFileType
WriteFile
SetUnhandledExceptionFilter
SetErrorMode
GetEnvironmentVariableW
Sleep
FormatMessageW
CreateSemaphoreA
ReleaseSemaphore
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
CreateEventA
ResetEvent
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryA
LoadLibraryA
FormatMessageA
CreateMutexW
ReleaseMutex
VirtualFree
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

user32

LoadStringW
wsprintfW
CharToOemBuffW

advapi32

CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW

shell32

CommandLineToArgvW

ws2_32

WSAIoctl
getnameinfo
shutdown
freeaddrinfo
getaddrinfo
getprotobynumber
getservbyname
socket
ntohs
ntohl
listen
WSAGetOverlappedResult
htonl
getsockname
bind
accept
WSASetLastError
WSASend
WSARecv
ioctlsocket
WSAGetLastError
setsockopt
send
getsockopt
connect
closesocket
select
htons
WSACleanup
WSAStartup
recv

msvcrt

__C_specific_handler
memmove
memset
memcpy
_purecall
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_snprintf
atoi
strncat
_stricmp
calloc
free
perror
strtoul
memchr
malloc
_errno
_write
_lseeki64
_read
realloc
ferror
_iob
isxdigit
isspace
isdigit
_amsg_exit
_initterm
_XcptFilter
??1type_info@@UEAA@XZ
qsort
strchr
exit
strcmp
memcmp
_strdup
abort
_vsnprintf
fclose
feof
fflush
fread
fseek
ftell
fwrite
strncmp
strerror
fgets
fopen
fprintf
_close
strtol
tolower
sscanf
time
getenv
_strtoi64
rand
_open
_vscprintf
_ftime
_fstati64
strpbrk
strspn
strstr
strftime
gmtime
_beginthread
signal
_stat
fputs

Exports

Exports

CreateClientAuthContext
FillInAuthInfo
GetAuthInfoSize
VerifyAuthInfo

Sections

.text
Size: 804KB - Virtual size: 803KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 625B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3af53f9b2e16ba302827a1bb1217795

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 804KB - Virtual size: 803KB

.rdata Size: 298KB - Virtual size: 297KB

.data Size: 66KB - Virtual size: 72KB

.pdata Size: 50KB - Virtual size: 50KB

.rsrc Size: 1024B - Virtual size: 625B

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 804KB - Virtual size: 803KB

.rdata
Size: 298KB - Virtual size: 297KB

.data
Size: 66KB - Virtual size: 72KB

.pdata
Size: 50KB - Virtual size: 50KB

.rsrc
Size: 1024B - Virtual size: 625B

.reloc
Size: 12KB - Virtual size: 12KB