28b0252aac203a51004297ca521f132a

Sharing

Copy URL

Twitter E-mail

General

Target

28b0252aac203a51004297ca521f132a
Size

540KB
MD5

28b0252aac203a51004297ca521f132a
SHA1

9e3cbde94c4851e11d95ea92244d994568b01f05
SHA256

69a2f186e39d9d5405af02ae18892fe37e180e2f3097ba2d8fc3f2deae3489be
SHA512

4f16b9e54d610c1ea2ab56d1fdf6d7f781f939413624c1f317cb637e59bafa3d791dee22b36b52d1b9caf60d17552f12a4b73d565dde4b5e2437523c862fe656
SSDEEP

12288:ooiClQnusSUrsQ8tDmCZ8IsM5HNnwjkv/o/zc8607Te+2rM4miTTidKvdiTJA8:8zSDmK8Atnwjso7c862slXGVJA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b0252aac203a51004297ca521f132a

Files

28b0252aac203a51004297ca521f132a
.exe windows:4 windows x86 arch:x86

1c063969c8335154c0c5f6777fa832fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW
RealShellExecuteA
ExtractIconW

wininet

HttpEndRequestW
ResumeSuspendedDownload
InternetSetFilePointer
FtpGetCurrentDirectoryA
FtpFindFirstFileW
InternetCreateUrlW
FindNextUrlCacheContainerW
HttpEndRequestA

comctl32

InitCommonControlsEx

user32

GetUserObjectInformationW
CharUpperW
ClipCursor
CallMsgFilterA
SetClipboardViewer
RegisterClassA
GetMenu
DrawFocusRect
VkKeyScanA
PostThreadMessageW
OffsetRect
GetKeyboardState
MsgWaitForMultipleObjectsEx
MoveWindow
RegisterClassExA
GetWindowDC
TrackPopupMenuEx
DdeNameService
CloseClipboard
EnumChildWindows
IsCharUpperA
GetCursorInfo
IsWindowUnicode
CheckMenuItem

kernel32

VirtualQuery
GetThreadPriorityBoost
QueryPerformanceCounter
GetTimeFormatW
GetProcessHeap
TlsAlloc
CloseHandle
GetVersionExA
FreeLibrary
HeapFree
FreeEnvironmentStringsA
LoadLibraryExA
GetProcAddress
WriteConsoleA
HeapDestroy
GetPrivateProfileSectionNamesW
HeapAlloc
GetStringTypeA
GetLastError
GetConsoleOutputCP
GetStartupInfoW
GetOEMCP
SetLastError
SetConsoleCtrlHandler
LCMapStringW
GetCurrentThreadId
GetStdHandle
GetCommandLineA
GetConsoleCP
GetExitCodeThread
GetLocaleInfoA
InterlockedIncrement
FindFirstFileExW
FreeEnvironmentStringsW
CompareStringA
GetCurrentProcessId
WriteFile
GetCurrentThread
TerminateProcess
HeapCreate
ReadFile
VirtualFree
LCMapStringA
SetStdHandle
InterlockedExchange
GetSystemDefaultLangID
ExitProcess
CompareStringW
UnhandledExceptionFilter
MultiByteToWideChar
GetEnvironmentStringsW
GetStartupInfoA
CreateFileA
EnterCriticalSection
SetFilePointer
VirtualAlloc
LoadLibraryA
GetTickCount
WriteConsoleW
EnumSystemLocalesA
SetConsoleCursorPosition
GetFileType
IsValidLocale
InterlockedDecrement
SetEnvironmentVariableA
GetEnvironmentStrings
HeapReAlloc
GetModuleFileNameA
Sleep
TlsFree
GetConsoleMode
TlsSetValue
GetNamedPipeInfo
TlsGetValue
FlushFileBuffers
GetCurrentProcess
GetCommandLineW
GetTimeFormatA
GetACP
IsDebuggerPresent
GetCPInfo
GetLocaleInfoW
DeleteCriticalSection
GetStringTypeW
RtlUnwind
GetUserDefaultLCID
WideCharToMultiByte
GetModuleFileNameW
SetUnhandledExceptionFilter
GetModuleHandleA
LeaveCriticalSection
OpenMutexA
GetTimeZoneInformation
CreateMutexA
GetSystemTimeAsFileTime
SetHandleCount
GetDateFormatA
IsValidCodePage
HeapSize
InitializeCriticalSection

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c063969c8335154c0c5f6777fa832fe

Headers

File Characteristics

Imports

shell32

wininet

comctl32

user32

kernel32

Sections

.text Size: 390KB - Virtual size: 390KB

.rdata Size: 26KB - Virtual size: 41KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 390KB - Virtual size: 390KB

.rdata
Size: 26KB - Virtual size: 41KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 14KB - Virtual size: 13KB