56294f4833e3d9f7a59ced49779654a70466cf9794e40d5557a0db042217f2df

Sharing

Copy URL Twitter E-mail

General

Target

56294f4833e3d9f7a59ced49779654a70466cf9794e40d5557a0db042217f2df
Size

166KB
MD5

1db1e94f7845fe85bdce3f4cb0971bc9
SHA1

69f7722ad9f84442b9372bf0e85f888295bcdb47
SHA256

56294f4833e3d9f7a59ced49779654a70466cf9794e40d5557a0db042217f2df
SHA512

6f145121d0eaf5b81748b5bbd08d5e2daf64aa505868e406ddaaa34f59e322380047214c1605ca4c7927e3dec2444f08f0f7ec6493e0f495ed9f168eded9651c
SSDEEP

3072:YiaTADm38/HC7Ns/jIYBGAC7OehrCYutRRX0CDrjeZ+vjma5DSzCG9LcgXkmhxww:icDmUA20uGAm5S1nC+LDDSGG9QgH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56294f4833e3d9f7a59ced49779654a70466cf9794e40d5557a0db042217f2df

Files

56294f4833e3d9f7a59ced49779654a70466cf9794e40d5557a0db042217f2df
.exe windows:4 windows x86 arch:x86

49a1506e8585fa7efb5dbd0408145197

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetPropA
DrawIcon
GetMenuStringA
GetMenu
GetFocus
GetWindow
GetKeyNameTextA
EnableWindow
EnumThreadWindows
GetDC
EnumWindows
BeginDeferWindowPos
FillRect
ShowWindow
IsMenu
EnumChildWindows
GetScrollPos
CharToOemA
CreateWindowExA
BeginPaint
EndDeferWindowPos
GetMenuItemID
CharNextA
GetCapture
CheckMenuItem
IsWindowVisible
GetMenuItemInfoA
SetWindowTextA
GetMenuState
ClientToScreen
DeferWindowPos
GetDesktopWindow
CreateMenu
EndPaint
SetWindowPos
GetIconInfo
IsWindowEnabled
GetCursorPos
GetClipboardData
CallWindowProcA
GetCursor
MessageBoxA
SetWindowLongA
EqualRect
CharLowerA
DefFrameProcA
DrawMenuBar
CreateIcon
CharLowerBuffA
FrameRect
GetSubMenu
EnableMenuItem
CreatePopupMenu
DrawTextA
GetScrollRange
DefWindowProcA
DrawFrameControl
CallNextHookEx
ShowScrollBar
EnableScrollBar
GetActiveWindow
GetMenuItemCount
GetMessagePos
GetKeyState
GetSysColor
GetForegroundWindow
GetDCEx
IsDialogMessageA
GetParent
TrackPopupMenu
GetLastActivePopup
GetScrollInfo
HideCaret
SetTimer
SystemParametersInfoA
GetWindowTextA
RegisterClassA
FindWindowA
GetClassInfoA
IsChild
SetCursor
GetClientRect
GetClassLongA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

SetErrorMode
GetCPInfo
CloseHandle
ExitThread
Sleep
GetCurrentProcessId
SizeofResource
lstrcmpiA
LocalAlloc
MoveFileExA
GetFileAttributesA
LoadLibraryExA
GlobalFindAtomA
GetModuleFileNameA
FindResourceA
WaitForSingleObject
GetThreadLocale
EnumCalendarInfoA
lstrlenA
GetFullPathNameA
GetTickCount
SetEndOfFile
HeapAlloc
GetVersionExA
CompareStringA
GetProcessHeap
GetACP
GetFileType
GetLocaleInfoA
VirtualAlloc
ExitProcess
lstrcpynA
GetCurrentThreadId
VirtualAllocEx
GetStartupInfoA
FreeLibrary
GlobalDeleteAtom
FreeResource
GetStdHandle
InitializeCriticalSection
SetLastError
SetHandleCount
HeapFree
EnterCriticalSection
FormatMessageA
GetStringTypeA
CreateThread
LoadLibraryA
DeleteCriticalSection
WriteFile
GetCurrentThread

msvcrt

exit
srand
memmove
wcstol
memset
time
tolower
wcschr
clock
wcsncmp
atol
mbstowcs
rand
swprintf
malloc
sqrt
_acmdln
sprintf
memcpy
wcscspn
calloc

Sections

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

49a1506e8585fa7efb5dbd0408145197

Headers

File Characteristics

Imports

user32

version

kernel32

msvcrt

Sections

.data Size: 37KB - Virtual size: 36KB

.init Size: 121KB - Virtual size: 121KB

.tls Size: 5KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 878B

.data
Size: 37KB - Virtual size: 36KB

.init
Size: 121KB - Virtual size: 121KB

.tls
Size: 5KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 878B