28bb3bf4ea71181729c891befb091cb2

Sharing

Copy URL Twitter E-mail

General

Target

28bb3bf4ea71181729c891befb091cb2
Size

553KB
MD5

28bb3bf4ea71181729c891befb091cb2
SHA1

92432ba2b144168ad7ac397b7fd6620f5a116575
SHA256

c962c41df48dc86e6f8246bc75ee8099127966940d62f419a7b81f6c744d51f4
SHA512

f52d829d74367d862fbe28c6ddccaf6720771dcab9e6001c3ff597ebded3d89ee09c57cd57e90454e1554b116b4eb31ef96bfdb81f8b6a9afc76d67e52743ef5
SSDEEP

6144:omrT/qjRo64247e+QAtMmHuLJHVE7dtuAtabbc9/qNMdhzCeSy8RCuOom16G36ys:LGvX4KXUugkwdyy3BomwKMziu7NNJXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28bb3bf4ea71181729c891befb091cb2

Files

28bb3bf4ea71181729c891befb091cb2
.exe windows:4 windows x86 arch:x86

9fef9ca417374ce55fbc11ae30a49536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoA
DialogBoxIndirectParamA
RegisterClassA
CreateDesktopA
RegisterClassExA
GetDC
DlgDirSelectExW
RegisterWindowMessageA
WinHelpA
SetScrollRange
LoadStringW
EnumWindows
DdeUninitialize
wsprintfW
IsDialogMessageA
SetThreadDesktop

kernel32

GetCurrentProcessId
GetLocaleInfoA
GetDateFormatA
CompareStringA
EnterCriticalSection
SetHandleCount
GetUserDefaultLCID
RtlMoveMemory
VirtualProtect
CopyFileExA
GetFileType
VirtualQuery
VirtualFree
EnumSystemLocalesA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoA
GetVersionExA
SetStdHandle
WriteFile
GetSystemInfo
HeapCreate
TlsAlloc
GetSystemTimeAsFileTime
GetEnvironmentStrings
GlobalCompact
LoadLibraryA
InitializeCriticalSection
GetTickCount
CloseHandle
GetProcAddress
FillConsoleOutputAttribute
FreeEnvironmentStringsA
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
WritePrivateProfileStringA
GetStringTypeA
FillConsoleOutputCharacterW
WideCharToMultiByte
GetACP
IsBadWritePtr
InterlockedExchange
TlsSetValue
OpenMutexA
FlushConsoleInputBuffer
GetEnvironmentStringsA
HeapSize
ExitProcess
TlsFree
CreateMutexA
TerminateProcess
GetLastError
UnlockFileEx
LeaveCriticalSection
LCMapStringW
HeapReAlloc
SetEnvironmentVariableA
GetModuleFileNameA
ResetEvent
GetCurrencyFormatW
GlobalDeleteAtom
GetModuleHandleA
TlsGetValue
GetCPInfo
QueryPerformanceCounter
SetLastError
UnhandledExceptionFilter
SetFilePointer
IsValidLocale
DeleteCriticalSection
IsValidCodePage
ReadFile
HeapDestroy
GetCurrentThreadId
HeapAlloc
RtlUnwind
CompareStringW
HeapFree
GetCurrentThread
GetCommandLineA
GetOEMCP
LCMapStringA
MultiByteToWideChar
GetLocaleInfoW
GetStdHandle
WriteProfileSectionA
GetTimeFormatA
GetCurrentProcess
GetPrivateProfileIntA
VirtualAlloc

gdi32

GetRgnBox
GetDCOrgEx
ArcTo
GetRegionData
GetEnhMetaFilePaletteEntries

comctl32

InitCommonControlsEx

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fef9ca417374ce55fbc11ae30a49536

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 8KB - Virtual size: 19KB

.data Size: 357KB - Virtual size: 356KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 8KB - Virtual size: 19KB

.data
Size: 357KB - Virtual size: 356KB

.rsrc
Size: 4KB - Virtual size: 3KB