28ccb083f554d6f31725dcf122c45e01

Sharing

Copy URL Twitter E-mail

General

Target

28ccb083f554d6f31725dcf122c45e01
Size

143KB
MD5

28ccb083f554d6f31725dcf122c45e01
SHA1

372ef820aa10f9d50651e32f63d488160045b0c3
SHA256

e6efe6bb2fb366d0583bd4bb94a8a386b613db345eef225bc6f76c335d2864ac
SHA512

e41fc1f9ad3db8515ff3ecb57bdbbd111aea314ce1a537287a28b2e8f11d87553dfbecfb24ed65517d845b457a451e8d3565198d21a28ada4d5324f3e52dda54
SSDEEP

3072:L13Ez4hUnMqMCvxDTFRjvA2SLw0tQUdw3KulUDg2:L1Uz4hRqDvZutMF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ccb083f554d6f31725dcf122c45e01

Files

28ccb083f554d6f31725dcf122c45e01
.exe windows:5 windows x86 arch:x86

f5870f5c6f04db0136b5f802f321e656

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
ExitThread
GetDriveTypeW
lstrcpyW
GetProcessHeap
VirtualAlloc
GetVersionExA
LocalFileTimeToFileTime
VirtualProtect
SetHandleCount
DeleteFileW
HeapReAlloc
GetProcAddress
GetComputerNameA
SystemTimeToFileTime
WriteFileGather
GetTempPathA
GlobalSize
CreateFileW
VirtualFree
FormatMessageW
GetNumberFormatW
GlobalAlloc
SetErrorMode
WaitForSingleObject
WriteFileEx
DeleteTimerQueueTimer
ReleaseMutex
CreateEventA
OutputDebugStringA
lstrcmpW
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA

msvcrt

memset
malloc
_wcmdln
exit
_onexit
fprintf
strpbrk
_exit
wcstok
_CxxThrowException
_controlfp
wcsrchr
__setusermatherr
_wcsnicmp
memmove

user32

wsprintfA
DrawTextW
IsWindowEnabled
PostMessageW
PostThreadMessageW
DrawEdge
GetProcessWindowStation
GetMessageW
FillRect
IntersectRect
DefDlgProcW
MsgWaitForMultipleObjects
LoadCursorW
CopyRect
UnregisterClassW
SetDlgItemInt
EnableWindow
RegisterWindowMessageW
SendDlgItemMessageW
FrameRect
RegisterClassW
SystemParametersInfoA
CreateDialogParamW
SetWindowTextA
GetSystemMenu

gdi32

RealizePalette
CreatePen
GetObjectA
SetWindowExtEx
StretchBlt
SetTextAlign
SetStretchBltMode
CreateBitmap
CreateRoundRectRgn
DeleteDC
DeleteObject
GetTextExtentPointW
CreateCompatibleDC
SelectPalette
GetRegionData
ExtTextOutW
CreateCompatibleBitmap
MoveToEx
Rectangle
GetTextMetricsW
SelectObject

tapi32

lineGetIDW
lineCompleteCall
tapiRequestMediaCallA
phoneGetLamp
lineAddProviderW
lineSetAgentMeasurementPeriod
MMCInitialize
phoneShutdown

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5870f5c6f04db0136b5f802f321e656

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 36B

.data Size: 51KB - Virtual size: 51KB

.edata Size: 39KB - Virtual size: 38KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 142B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 36B

.data
Size: 51KB - Virtual size: 51KB

.edata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 142B