55213c53c0003cd0221db3268a995f434490142f4b880a1c26c4b00125ac5e36

Sharing

Copy URL Twitter E-mail

General

Target

55213c53c0003cd0221db3268a995f434490142f4b880a1c26c4b00125ac5e36
Size

500KB
MD5

312d3e1eb25bb07a9e461f3b45de1738
SHA1

94cef21dfa8bbd445ec61e239564d44e2024a205
SHA256

55213c53c0003cd0221db3268a995f434490142f4b880a1c26c4b00125ac5e36
SHA512

5c2eaaed7c9a76b2b0625ebde70fbd7cd9d6893c33e60f63975196387109749bdc435a68ba29cd1a8e2b756fc427f6570b806cd7eab7c6aa2c0f86411709327b
SSDEEP

12288:JIcF3JA9o/kLgTdgD7KaQ4krVRU/h1IkbHV:JIcZm9+kUB4kEnjbH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55213c53c0003cd0221db3268a995f434490142f4b880a1c26c4b00125ac5e36

Files

55213c53c0003cd0221db3268a995f434490142f4b880a1c26c4b00125ac5e36
.exe windows:4 windows x86 arch:x86

abf4c07451b76abf63caaff4e1772db0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
RtlUnwind
TerminateProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetVersionExA
GetCurrentDirectoryA
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
SetErrorMode
GetProfileStringA
MoveFileExA
LocalLock
LocalUnlock
GlobalUnlock
GetFileTime
GetFileSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
GetLastError
GlobalReAlloc
lstrcpynA
lstrcmpA
FormatMessageA
LocalFree
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetTickCount
DeleteFileA
RemoveDirectoryA
CreateFileA
WriteFile
CloseHandle
ExitProcess
GetSystemDirectoryA
GetVolumeInformationA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcatA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetFileAttributesA
SetFileAttributesA
WinExec
WideCharToMultiByte
lstrlenA
GlobalAlloc
lstrcpyA
GlobalLock
HeapDestroy

user32

CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
PtInRect
GetClassNameA
LoadStringA
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
GetActiveWindow
ValidateRect
GetCursorPos
PostQuitMessage
CharUpperA
GetDesktopWindow
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
GetNextDlgGroupItem
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
CopyRect
DrawFocusRect
UnregisterClassA
IsWindowVisible
MessageBeep
RegisterClipboardFormatA
GetTopWindow
MessageBoxA
IsChild
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetSysColor
FillRect
GetSystemMetrics
DestroyMenu
SendMessageA
IsDialogMessageA
PostThreadMessageA
RedrawWindow
GetSubMenu
LoadMenuA
IsWindow
ReleaseDC
GetTabbedTextExtentA
GetDC
EnableWindow
DispatchMessageA
TranslateMessage
PeekMessageA
UpdateWindow
InvalidateRect
SetCursor
LoadIconA
GetWindowRect
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
IsIconic
DrawStateA
GetFocus
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetRect
GetWindowTextA
InflateRect

gdi32

PatBlt
GetMapMode
LPtoDP
DPtoLP
GetBkColor
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
RoundRect
CreatePen
DeleteObject
CreateSolidBrush
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetStockObject
GetTextExtentPoint32A
CreateFontIndirectA
GetTextColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

comctl32

ord17
_TrackMouseEvent

oledlg

ord8

ole32

OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleUninitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoTaskMemAlloc
CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree

olepro32

ord253

oleaut32

VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
VariantChangeType
VariantTimeToSystemTime
VariantClear

odbc32

ord48
ord49
ord20
ord17
ord59
ord8
ord44
ord19
ord46
ord12
ord68
ord43
ord41
ord2
ord1
ord50
ord45
ord51
ord15
ord9
ord14
ord3
ord11
ord18
ord13
ord61
ord16
ord5
ord10

iphlpapi

GetAdaptersInfo

shlwapi

PathFileExistsA

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 265.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abf4c07451b76abf63caaff4e1772db0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

odbc32

iphlpapi

shlwapi

Sections

.text Size: 368KB - Virtual size: 366KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 48KB - Virtual size: 265.4MB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 368KB - Virtual size: 366KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 48KB - Virtual size: 265.4MB

.rsrc
Size: 12KB - Virtual size: 11KB