28cee5895938bb8066c98723cf52d715 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28cee5895938bb8066c98723cf52d715
Size

23KB
MD5

28cee5895938bb8066c98723cf52d715
SHA1

731f22e162b064f4f024f73aac09b20d1148df3b
SHA256

631eb761c8d79bac225444be56420eb42f9f94cdcdd4c26fa57609905f713d59
SHA512

c0ac97ab3f4d841c692bf84b0ca77760093060676f8c6bb653fafa254d101afedd5c1358cf36ce47676f3f73a52bc2d884853ebbc596c14c58a3733b2009b140
SSDEEP

384:GHF4pc01KPwVYNzpA745QhcW3ZyoY2kx7N64OaTrJISUeO7yIXz9iaaDomWSF4iH:GHKOzPwuWcWxkoZgZ0UJ2xG1JH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28cee5895938bb8066c98723cf52d715

Files

28cee5895938bb8066c98723cf52d715
.exe windows:4 windows x86 arch:x86

2ad09f2f8da43f32181af456061e2a37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
SetDlgItemTextA
GetWindow
SetWindowPlacement
RedrawWindow
RegisterClassExA
GetWindowPlacement
InflateRect
BeginDeferWindowPos

msvcrt

_except_handler3
fopen
strcmp
strlen
atoi
wcsstr
ftell
free
realloc

advapi32

RegOpenKeyA
RegConnectRegistryA
SetTokenInformation
MapGenericMask
SetKernelObjectSecurity
AllocateAndInitializeSid
LookupPrivilegeValueW
GetKernelObjectSecurity
QueryServiceObjectSecurity

gdi32

SetTextAlign
ExtTextOutA
RestoreDC
CreateDIBSection
SetTextColor
StartPage
RectInRegion
SetBkMode
GetStockObject

kernel32

Sleep
EnterCriticalSection
GetPriorityClass
GetCommandLineA
GetStartupInfoA
lstrcpyA
VirtualFree
GetLocaleInfoW
FatalAppExitA
CreateEventA
FlushFileBuffers
LoadLibraryA
DeleteCriticalSection
VirtualAlloc

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ