280a94d96873fe09c440d09333f4cd1b

Sharing

Copy URL Twitter E-mail

General

Target

280a94d96873fe09c440d09333f4cd1b
Size

91KB
MD5

280a94d96873fe09c440d09333f4cd1b
SHA1

b23b5399ba87833c6e1d027fa78a7f48f500487d
SHA256

73e3dfcfabcb62f6c21f8ff5bb43e3e5d602c8b36d74fe208458154d87de3730
SHA512

e92d29d6d06ac285e9bdd669504d69cfa55e3a742b4e0c62d914466777b6cc6874faa69970022c63929951f86a48e356d70a3652ea5502e0a12a341152dddc6a
SSDEEP

1536:RWAgHCyz8+ac2aSpJzqYXgil/xUD2ohpaZhuRQLvCA4PzDadNpETdwXCEXM8K52N:gayz8+ac295qY3kCYShuRovCA8HaduC2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280a94d96873fe09c440d09333f4cd1b

Files

280a94d96873fe09c440d09333f4cd1b
.exe windows:5 windows x86 arch:x86

18b020f03bb8365d9a7ff957525074cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_Write

ntdll

RtlUnwind

version

VerFindFileA
GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

LocalFree
WriteFile
GetStdHandle
CreateNamedPipeA
FindClose
CloseHandle
HeapAlloc
QueryPerformanceCounter
HeapFree
GetProfileStringW
GetProcessHeap
InitializeCriticalSection
Sleep
LeaveCriticalSection
GetNamedPipeInfo
Beep
MulDiv
LocalReAlloc
CompareStringW
ExitThread
RaiseException
InterlockedExchange
GetLastError
EnterCriticalSection
GetLocalTime
LoadLibraryA
OpenThread
GetFileType
DeleteCriticalSection

user32

CreateIcon
GetForegroundWindow
MoveWindow
GetWindow
CreateIconIndirect
GetActiveWindow
ReleaseDC
GetDC
DrawTextA
ShowWindow

gdi32

ExtCreatePen
SelectObject
CreateCompatibleDC
MaskBlt
SetMapMode

msvcrt

memset

Exports

Exports

_CreateSweetPlace@16
_GetAwayFromMe@20

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18b020f03bb8365d9a7ff957525074cb

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ntdll

version

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 40B

DATA Size: 512B - Virtual size: 512B

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 268B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 40B

DATA
Size: 512B - Virtual size: 512B

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 268B