55bd1c5785a345b76c91a3e29d39844480bec839b9e38944172c8de3891517f8N

Sharing

Copy URL

Twitter E-mail

General

Target

55bd1c5785a345b76c91a3e29d39844480bec839b9e38944172c8de3891517f8N
Size

664KB
MD5

b4fc0dc3a6a8e197d872b999a0c5bef0
SHA1

626c435ae89ca346840e3a52906b4a798f2e2123
SHA256

55bd1c5785a345b76c91a3e29d39844480bec839b9e38944172c8de3891517f8
SHA512

6a085b44902bf07b9eaee78b83bce11256648e339c7fb7285fde3c77cb2554d3e107ca8e503d9ae00133cba3eacd4a2a5a10544274041aa9d9e05f27042c3237
SSDEEP

12288:uHTfYOqd2u2K0a4ZMPZMalMySzzUbva6TlFKReL8hmjqVQZw/dg:YL1a0MPZhlCzia6fKReLWmeg4i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55bd1c5785a345b76c91a3e29d39844480bec839b9e38944172c8de3891517f8N

Files

55bd1c5785a345b76c91a3e29d39844480bec839b9e38944172c8de3891517f8N
.exe windows:4 windows x86 arch:x86

976a2e3680903cb20d796e07f6810cf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
SetPriorityClass
GetCurrentProcess
GetModuleFileNameA
ExitProcess
GetSystemDefaultLangID
Sleep
SetThreadLocale
EnumResourceLanguagesA
WideCharToMultiByte
FormatMessageA
CreateFileA
GetVersion
DeviceIoControl
SetFilePointer
FindResourceExA
WriteFile
ReadFile
WaitForMultipleObjects
ResetEvent
GetOverlappedResult
ReleaseMutex
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
CreateMutexA
CreateThread
SetThreadPriority
FindResourceA
GetLastError
SizeofResource
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
LCMapStringW
LCMapStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
DeleteFileA
IsValidLocale
GetStringTypeW
GetStringTypeA
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
GetLocalTime
GetSystemTime
GetOEMCP
LoadResource
LockResource
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetDateFormatW
GetTimeFormatW
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation

gdi32

CreateFontIndirectA
GetTextFaceA
GetTextExtentPoint32W
SetBkColor
SetROP2
GetTextMetricsA
GetTextAlign
TextOutA
Rectangle
SetTextColor
SetBkMode
SetTextAlign
TextOutW
CreateICA
DeleteDC
GdiFlush
BeginPath
EndPath
FillPath
MoveToEx
LineTo
SetPixel
CreatePen
CreateSolidBrush
SelectObject
DeleteObject
GetStockObject

user32

TranslateMessage
FillRect
InflateRect
CopyRect
OffsetRect
SetRect
KillTimer
PostQuitMessage
SetTimer
MessageBoxA
SetCursor
LoadStringA
PeekMessageA
BeginPaint
EndPaint
GetWindowLongA
DefWindowProcA
GetSysColorBrush
RegisterClassA
AdjustWindowRect
SystemParametersInfoA
GetClientRect
CreateWindowExA
CreateWindowExW
SetFocus
SetWindowLongA
DispatchMessageA
GetMessageA
ShowWindow
DestroyWindow
GetKeyState
LoadIconA
SendMessageA
PtInRect
DrawIcon
DrawTextA
GetSysColor
IntersectRect
SetRectEmpty
UnionRect
GetIconInfo
DrawIconEx
SetCursorPos
GetSystemMetrics
LoadCursorA
GetParent
GetWindowRect
SetWindowPos
wsprintfA
GetCursorPos
PostMessageA

winmm

timeKillEvent
timeSetEvent

ddraw

DirectDrawCreate

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 368KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

976a2e3680903cb20d796e07f6810cf8

Headers

File Characteristics

Imports

kernel32

gdi32

user32

winmm

ddraw

comdlg32

advapi32

Sections

.text Size: 368KB - Virtual size: 364KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 28KB - Virtual size: 268KB

.rsrc Size: 148KB - Virtual size: 147KB

.text
Size: 368KB - Virtual size: 364KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 28KB - Virtual size: 268KB

.rsrc
Size: 148KB - Virtual size: 147KB