56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca

Sharing

Copy URL

Twitter E-mail

General

Target

56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
Size

286KB
MD5

c0055a567dc53196f0c7c418ac7d2700
SHA1

d2ff7cd6625129fc7fce57b2871e224f03227606
SHA256

56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
SHA512

d5893764a245bf93cec1139bd6808a6754e8ebd5fcc97b5d4ad80d2e1d7c455c1998a1fa470d0f91326fa106b25bd88499712f0604c117b592dda644040c78de
SSDEEP

6144:yxcLCrWDWGNXv7qZBiq10MRkRpR3OG/WmCcNH:jLWWDonkh3d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca

Files

56bc6f293ed2cd7b1f21f02baf9e05bc6d459c7e1ce91b18ae01eff13b3e96ca
.exe windows:5 windows x86 arch:x86

277f12ee4593006d0849fdfcafe37abf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetCurrentProcess
GetLogicalDriveStringsW
InterlockedCompareExchange
SetVolumeMountPointW
GetModuleHandleW
GetTickCount
CreateNamedPipeW
FindNextVolumeMountPointA
GetNumberFormatA
CreateActCtxW
TlsSetValue
SetFileShortNameW
LoadLibraryW
LocalShrink
GetLocaleInfoW
GetCalendarInfoA
SetConsoleCP
GetFileAttributesW
GetModuleFileNameW
GetShortPathNameA
CreateJobObjectA
LCMapStringA
VerifyVersionInfoW
InterlockedExchange
GlobalUnfix
GetLastError
SetLastError
GetProcAddress
EnumSystemCodePagesW
GetConsoleDisplayMode
SetComputerNameA
LoadModule
SetThreadPriorityBoost
GetCommState
LocalAlloc
GetFileType
CreateFileMappingW
CreateHardLinkW
GetNumberFormatW
CreateEventW
FoldStringA
SetEnvironmentVariableA
EnumDateFormatsA
GetProcessShutdownParameters
LoadLibraryExA
VirtualProtect
GetCurrentDirectoryA
GetFileTime
OpenEventW
PeekConsoleInputA
SetCalendarInfoA
GetVersionExA
GetDiskFreeSpaceExW
GetWindowsDirectoryW
DebugBreak
GetTempPathA
EnumCalendarInfoExA
CommConfigDialogW
WriteConsoleW
CreateFileW
IsProcessorFeaturePresent
RaiseException
FlushFileBuffers
GetConsoleAliasExesLengthA
SetEndOfFile
GetConsoleAliasExesA
EnumCalendarInfoA
GlobalMemoryStatus
SetDefaultCommConfigA
MultiByteToWideChar
HeapFree
HeapAlloc
EncodePointer
DecodePointer
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapCreate
ExitProcess
WriteFile
GetStdHandle
Sleep
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
LCMapStringW
GetStringTypeW
RtlUnwind
SetStdHandle
GetConsoleCP
GetConsoleMode

user32

LoadMenuA
GetMenuStringW
CharUpperA
GetMenu
GetWindowLongW
DrawStateW
SetCaretPos
InsertMenuItemW

gdi32

GetCharWidthFloatA
CreateDCA
DeleteMetaFile
GetCharWidth32A
GetTextMetricsA
GetBkMode

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 32.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ninikey
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yani
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

277f12ee4593006d0849fdfcafe37abf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 228KB - Virtual size: 227KB

.data Size: 23KB - Virtual size: 32.1MB

.ninikey Size: 1024B - Virtual size: 1024B

.yani Size: 512B - Virtual size: 214B

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 228KB - Virtual size: 227KB

.data
Size: 23KB - Virtual size: 32.1MB

.ninikey
Size: 1024B - Virtual size: 1024B

.yani
Size: 512B - Virtual size: 214B

.rsrc
Size: 32KB - Virtual size: 32KB