280ffe6726d5e108136ef654ca6de1be

Sharing

Copy URL Twitter E-mail

General

Target

280ffe6726d5e108136ef654ca6de1be
Size

524KB
MD5

280ffe6726d5e108136ef654ca6de1be
SHA1

ca06326cf871366842c4afe95c368033832cecf9
SHA256

d7ebc2a041e2ab189133862d8311b133d37929c6b58bf3dc822d34926b2651f0
SHA512

9981070d2108ef377d4c21ed936bd5237913ac67c32afa94380012f342f47e1663c1a1b586f985d660423ad4afb3e9c9a90c1a0b9e1e3c722becbf7861208281
SSDEEP

12288:wZXbydEPuZ33lsObHmZPyP8rog3tBMvKG5Ub6eQ9:KudEWGOb5XcM+b6b9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280ffe6726d5e108136ef654ca6de1be

Files

280ffe6726d5e108136ef654ca6de1be
.exe windows:4 windows x86 arch:x86

d9df096feda03344ca45fcb2875dc3f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ModifyMenuW
RegisterClassExA
RegisterClassA
DdeUninitialize
GetQueueStatus
GetClassInfoA
LoadCursorFromFileW
CharLowerBuffW

comctl32

InitCommonControlsEx

kernel32

SetHandleCount
DebugBreak
CloseHandle
VirtualFree
GetCurrentProcess
GetStringTypeA
GetSystemTimeAsFileTime
ReadFile
InitializeCriticalSection
WaitForSingleObjectEx
GetCommandLineA
GetCommandLineW
SetConsoleCtrlHandler
VirtualQuery
HeapFree
InterlockedIncrement
SetPriorityClass
TlsAlloc
FindNextFileA
GetSystemInfo
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
WaitForMultipleObjectsEx
LCMapStringW
RemoveDirectoryA
CompareStringW
DeleteCriticalSection
GetEnvironmentStringsW
GetTimeFormatA
LockFile
LoadLibraryA
SetLastError
GetTickCount
TlsFree
GetTimeZoneInformation
GetLocaleInfoW
GetFileType
FlushFileBuffers
GetCPInfo
WideCharToMultiByte
GetStringTypeW
GetFullPathNameW
GetModuleFileNameW
ExitProcess
OutputDebugStringW
RtlFillMemory
WriteFile
GetDateFormatA
GetPrivateProfileIntW
MultiByteToWideChar
TlsGetValue
EnterCriticalSection
InterlockedDecrement
MapViewOfFileEx
GetProfileStringA
SetCriticalSectionSpinCount
IsBadWritePtr
VirtualAllocEx
CreateWaitableTimerA
RtlUnwind
InterlockedExchange
FileTimeToDosDateTime
GetModuleFileNameA
OutputDebugStringA
TlsSetValue
VirtualAlloc
GetLocaleInfoA
HeapAlloc
IsValidCodePage
GetLastError
SetStdHandle
GetStartupInfoW
GetEnvironmentStrings
UnhandledExceptionFilter
GetCurrentThreadId
EnumResourceTypesW
GetProcAddress
FindFirstFileExW
HeapValidate
SetEnvironmentVariableA
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsW
SetTimeZoneInformation
LeaveCriticalSection
GetCurrentThread
LCMapStringA
LoadLibraryW
EnumSystemLocalesA
IsBadReadPtr
IsValidLocale
GetACP
GetThreadPriorityBoost
GetVersionExA
CompareStringA
GetCurrentProcessId
TerminateProcess
lstrcmpW
GetUserDefaultLCID
GetCurrentDirectoryW
OpenMutexA
HeapCreate
GetOEMCP
FreeEnvironmentStringsA
HeapReAlloc
HeapDestroy
SetFilePointer
CreateMutexA

comdlg32

GetFileTitleW

advapi32

CryptDecrypt
RegNotifyChangeKeyValue
LookupPrivilegeNameW
CryptEnumProvidersA
CryptGetHashParam
RegOpenKeyExA
RegOpenKeyA
RegSaveKeyW
CryptSetProvParam
CryptVerifySignatureA
RegSetKeySecurity
InitiateSystemShutdownW
RegConnectRegistryW
RegCloseKey
ReportEventA
LookupPrivilegeNameA
CryptImportKey
RegRestoreKeyA
CryptGetKeyParam
RegSetValueExA
RegCreateKeyW

Sections

.text
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9df096feda03344ca45fcb2875dc3f6

Headers

File Characteristics

Imports

user32

comctl32

kernel32

comdlg32

advapi32

Sections

.text Size: 347KB - Virtual size: 347KB

.rdata Size: 56KB - Virtual size: 62KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 347KB - Virtual size: 347KB

.rdata
Size: 56KB - Virtual size: 62KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 17KB - Virtual size: 16KB