28431be60bec99e9a0d9870590410f96

Sharing

Copy URL Twitter E-mail

General

Target

28431be60bec99e9a0d9870590410f96
Size

433KB
MD5

28431be60bec99e9a0d9870590410f96
SHA1

54ce7f101bf656e68f34a253d4a87873dd3d96a6
SHA256

6792c110b4ff9201ed30980e94109a937827f84d0c3cbf4552d8097d18f8108f
SHA512

9bbb44b7daa9b01cd183d63780b4dc010d27c22fdf123d7ba79aa2bc655c193d569cdce713b9a22ef851186a3b916a05ad2ac0a1a9c9cf4b212fdfe24df24141
SSDEEP

12288:uFsvfKLXQe2eBdqQtPrlzvgm4NzCpO/rqzLErTVsFf:uFsvCr375tPRzgCyqzArTiF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28431be60bec99e9a0d9870590410f96

Files

28431be60bec99e9a0d9870590410f96
.exe windows:4 windows x86 arch:x86

284d64ece222cd5e223008424561abac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
HeapCreate
HeapSize
SetHandleCount
GetProcAddress
InitializeCriticalSection
HeapReAlloc
SetUnhandledExceptionFilter
CompareStringA
GetProcessHeap
GetCurrentProcessId
TlsAlloc
SetConsoleScreenBufferSize
GetCurrentThread
TlsFree
WriteFile
InterlockedDecrement
LCMapStringA
TlsGetValue
LCMapStringW
GetEnvironmentStringsW
VirtualFree
EnterCriticalSection
GetTimeFormatA
IsDebuggerPresent
LockFile
GetLocaleInfoW
GetProfileStringA
LoadLibraryW
ExitProcess
GetTickCount
CompareStringW
Sleep
HeapFree
FreeLibrary
GetModuleFileNameA
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsW
VirtualAlloc
GetCommandLineW
DeleteCriticalSection
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetACP
GetDateFormatA
GetLastError
MultiByteToWideChar
TlsSetValue
HeapDestroy
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetCPInfo
CommConfigDialogW
GetSystemTime
GetCommandLineA
GetEnvironmentStrings
ReadConsoleOutputCharacterA
SetEnvironmentVariableA
IsValidCodePage
GetStringTypeW
FlushFileBuffers
GetFileType
SetConsoleCtrlHandler
CreatePipe
GetVersionExA
SetLastError
GetLocaleInfoA
UnhandledExceptionFilter
InterlockedExchange
GetStartupInfoA
GetOEMCP
FreeEnvironmentStringsA
IsValidLocale
SetFileTime
GetFileAttributesExW
InterlockedIncrement
GetUserDefaultLCID
HeapAlloc
LeaveCriticalSection
InterlockedCompareExchange
lstrcmpi
GetTimeZoneInformation
VirtualQuery
GetModuleHandleA

shell32

ExtractIconExA
ExtractAssociatedIconA
SHGetDataFromIDListW
SHFileOperationW
SHFormatDrive
SHGetSpecialFolderPathW
DragQueryFileAorW
RealShellExecuteExW
SHEmptyRecycleBinA
SHGetFileInfoA
RealShellExecuteExA
ShellExecuteEx
RealShellExecuteA
SheChangeDirExW
SHGetNewLinkInfo
SHGetDiskFreeSpaceA
ShellAboutW
SheChangeDirA
SHFileOperation
CommandLineToArgvW
DoEnvironmentSubstW
SHUpdateRecycleBinIcon
SHGetPathFromIDListA
ExtractIconExW
ShellExecuteExW

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

284d64ece222cd5e223008424561abac

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 153KB - Virtual size: 152KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 153KB - Virtual size: 152KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 5KB - Virtual size: 5KB