28224c098ed3292ad04a05b73ec4d391

Sharing

Copy URL

Twitter E-mail

General

Target

28224c098ed3292ad04a05b73ec4d391
Size

222KB
MD5

28224c098ed3292ad04a05b73ec4d391
SHA1

e516997d04b9f55407e3ac064f30ad559bd95207
SHA256

eafb6b661474c21efa0c6d9f16b8bdb55399778cd57e1aa71c7efbd78b6b3785
SHA512

5254ec2998dfc23288c97270f4cf17c219d3e4fb01c1600158512c25b77af6f2e79f7dcbb57f39fa67d9966f362af3472d0c3bd673db081c4419075fb4b3a278
SSDEEP

6144:tB6Im3lgv4UYCTGwCwibHsa+W/foR9+lHdgUNRjUd:t8IJqwCw6sa+W/gilGUjjUd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28224c098ed3292ad04a05b73ec4d391

Files

28224c098ed3292ad04a05b73ec4d391
.exe windows:4 windows x86 arch:x86

a71724c14c6a9ff6cbc9c5ed1f2dc085

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsMenu
DialogBoxParamW
BlockInput
AppendMenuA
CreateIcon
AlignRects
LoadCursorA
LoadMenuA
DrawIconEx
EndDialog
CopyIcon
GetDC
InsertMenuA
DialogBoxParamA
DrawTextW
CopyImage
GetCursor
DrawTextA
CopyRect

kernel32

GetStringTypeW
lstrlenA
GetLastError
GetCommandLineA
HeapFree
lstrcpynA
lstrcmpA
GetFileAttributesA
GetModuleHandleA
FreeLibrary
GetCPInfo
SetLastError
GetFileSize
lstrcpyA
GetModuleFileNameA
Sleep

comctl32

ImageList_Replace
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_GetDragImage
InitCommonControls
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_GetImageRect
ImageList_DragEnter
ImageList_Merge
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_DragLeave
ImageList_AddIcon

advapi32

RegLoadKeyA
RegEnumKeyExW
RegGetKeySecurity
RegFlushKey
RegQueryValueExA
RegDeleteValueW
RegOpenKeyA
RegEnumKeyA
RegCreateKeyExA
RegEnumValueW
RegCreateKeyW
RegQueryValueA
RegOpenKeyW
RegReplaceKeyW
RegCreateKeyExW
RegEnumValueA
RegLoadKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegReplaceKeyA

Sections

.oVQWE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zVhwtB
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xvOoI
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EspUjJ
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CJylGk
Size: 1024B - Virtual size: 385B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71724c14c6a9ff6cbc9c5ed1f2dc085

Headers

File Characteristics

Imports

user32

kernel32

comctl32

advapi32

Sections

.oVQWE Size: 12KB - Virtual size: 11KB

.zVhwtB Size: 198KB - Virtual size: 198KB

.xvOoI Size: 5KB - Virtual size: 14KB

.EspUjJ Size: 1024B - Virtual size: 1KB

.CJylGk Size: 1024B - Virtual size: 385B

.oVQWE
Size: 12KB - Virtual size: 11KB

.zVhwtB
Size: 198KB - Virtual size: 198KB

.xvOoI
Size: 5KB - Virtual size: 14KB

.EspUjJ
Size: 1024B - Virtual size: 1KB

.CJylGk
Size: 1024B - Virtual size: 385B