728d2138908508edeccac957f0234d98

Sharing

Copy URL

Twitter E-mail

General

Target

728d2138908508edeccac957f0234d98
Size

246KB
MD5

728d2138908508edeccac957f0234d98
SHA1

03d25e3f0c0381ebafa4dd7bf6eb8fe84276fc78
SHA256

e20ef2cca18c605202700d134fb9827afa8bceaad38574a638d66aad88dac506
SHA512

a70bdd5d415d5f107e0420f0803137df071aeaa22ab5a28ab60a9f41678053fef35196a007f72403ebd00096e6e3f24278a9324f8a382311f69208fd4c1f3d09
SSDEEP

6144:HRX81m+c2ZAYtR5FxHckWp/GxVsqZhvKDpT:HWs2ZjP5zIg1ZZIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
728d2138908508edeccac957f0234d98

Files

728d2138908508edeccac957f0234d98
.exe windows:4 windows x86 arch:x86

6482a14b768c8904960004919145c5e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumValueW
RegOpenKeyExA
RegSetValueW

user32

CallNextHookEx
EndPaint
GetWindowTextLengthW
SetScrollInfo
EnableMenuItem
AppendMenuW
InvalidateRect
GetIconInfo
SystemParametersInfoW
UpdateWindow
CreateWindowExW
TranslateAcceleratorW
IsWindowVisible
CreateAcceleratorTableW
GetSystemMenu
SetTimer
MsgWaitForMultipleObjects
MapWindowPoints
CreatePopupMenu
OpenClipboard
GetClipboardData
GetSystemMetrics
CloseClipboard
DefWindowProcW
GetWindowLongW
ReleaseDC
EnumClipboardFormats
GetClassNameW
DispatchMessageW
ClientToScreen
UnionRect
GetForegroundWindow
CreateMenu
GetSubMenu
MoveWindow
SetForegroundWindow
PeekMessageW
TranslateMDISysAccel
LoadImageW
DestroyMenu
SetWindowTextW
DefFrameProcW
GetParent
PostQuitMessage

kernel32

InterlockedIncrement
GetStringTypeW
InterlockedDecrement
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
LeaveCriticalSection
HeapAlloc
GetCPInfo
MultiByteToWideChar
LoadLibraryA
GetProcAddress
LCMapStringW
LCMapStringA
GetStringTypeA
GetCurrentThreadId
GetFileType
GetStartupInfoA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
GetCurrentProcess
ExitProcess
TerminateProcess
FreeEnvironmentStringsA
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
GetVersionExA
GetModuleHandleA
GetEnvironmentVariableA
SetLastError
TlsAlloc
GetLastError
RtlUnwind
HeapFree
HeapCreate
VirtualFree
InitializeCriticalSection
WriteFile
EnterCriticalSection
GetVersion
SetFilePointer
GetCommandLineA
TlsSetValue
CreateFiber
SwitchToFiber
TerminateThread
TlsGetValue
CreateFileA
CreateFileW
TlsFree

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6482a14b768c8904960004919145c5e1

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 2KB