28f55c1c783d05ab9a46455e551054c1

Sharing

Copy URL Twitter E-mail

General

Target

28f55c1c783d05ab9a46455e551054c1
Size

450KB
MD5

28f55c1c783d05ab9a46455e551054c1
SHA1

0c60fb4a0978da4d6038047250b25a47314be02c
SHA256

3095be90150d2e967974bf7402d1de987497c66c718768d86f5f721dc7400a1e
SHA512

2bb415565591374af61a04d9d326c16473c9d7d51a1716e06f5b82c2ddebbba74438d53745d7755afc809560fb2f46f0a82e67eea78eb015ac71abf79d5db92a
SSDEEP

12288:VhEcBoWvaxkvJ+BoECyRg7Boj/Eh8guX3zOSZC:bEcwyFqXTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f55c1c783d05ab9a46455e551054c1

Files

28f55c1c783d05ab9a46455e551054c1
.exe windows:4 windows x86 arch:x86

e3d15145a9c759e900b53d5db32b0b2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA

advpack

DelNode
RegInstall

advapi32

RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegSetValueExA

kernel32

OpenFile
SetStdHandle
IsBadWritePtr
ExitThread
GetSystemTimeAsFileTime
GetLocaleInfoA
FindClose
GlobalMemoryStatus
DisableThreadLibraryCalls
WideCharToMultiByte
RaiseException
GetEnvironmentStringsW
LocalAlloc
GetTickCount
CreateFileA
Sleep
GetWindowsDirectoryA
GetSystemTime
MulDiv
SetHandleCount
GetVolumeInformationA
HeapAlloc
GetCurrentDirectoryA
lstrcmpiA
GetCurrentProcessId
IsDBCSLeadByte
SetUnhandledExceptionFilter
HeapDestroy
WaitForSingleObject
GetCurrentProcess
ExitProcess
CompareStringW
GetModuleFileNameA
FindNextFileA
ReleaseSemaphore
GetStringTypeW
TerminateProcess
DebugBreak
SetEndOfFile
CloseHandle
LocalFree
CreateSemaphoreA
MapViewOfFile
GetStartupInfoA
GetTempPathA
GetFileSize
lstrcatA
GetModuleHandleA
MultiByteToWideChar
SetFilePointer
TlsGetValue
FreeEnvironmentStringsW
FormatMessageA
SetCurrentDirectoryA
EnterCriticalSection
SearchPathA
GetOEMCP
DeleteFileA
GetCurrentThreadId
GlobalLock
WritePrivateProfileStringA
GetLocaleInfoW
GetCommandLineA
LCMapStringW
GetProcAddress
HeapCreate
GetVersionExA
_llseek
GetVersion
GlobalAlloc
TlsAlloc
FreeEnvironmentStringsA
TlsFree
GetCPInfo
LocalReAlloc
GetPrivateProfileStringA
LCMapStringA
InterlockedDecrement
GetTimeZoneInformation
LeaveCriticalSection
GetSystemDefaultLangID
GetLastError
VirtualAlloc
GlobalFree
SetEnvironmentVariableA
GetUserDefaultLCID
CreateThread
GetFileAttributesA
IsBadReadPtr
_lopen
lstrcpyA
TlsSetValue
lstrcpynA
RtlUnwind
_lwrite
lstrlenW
FreeLibrary
VirtualFree
lstrlenA
HeapFree
CompareStringA
ReadFile
InterlockedIncrement
FindFirstFileA
FatalAppExitA
IsBadCodePtr
GlobalHandle
SetLastError
HeapSize
DeleteCriticalSection
GetTempFileNameA
GetFileType
WriteFile
GetStdHandle
LoadLibraryA
InitializeCriticalSection
FlushFileBuffers
GetACP
GetSystemDirectoryA
CreateFileMappingA
CreateDirectoryA
HeapReAlloc
GetLocalTime
GetStringTypeA
_lread
GetFullPathNameA
_lclose
GetEnvironmentStrings

gdi32

SetMetaFileBitsEx
DeleteMetaFile
SetTextColor
CreateFontIndirectA
SelectPalette
RestoreDC
CreateCompatibleDC
SetBkColor
SetViewportExtEx
CreatePalette
SetMapMode
GetTextExtentPointA
CreateRectRgnIndirect
PatBlt
CreatePen
GetObjectA
SaveDC
CreateSolidBrush
GetDIBits
SetBkMode
DeleteDC
CreateDIBSection
GetTextMetricsA
CreateHalftonePalette
SelectClipRgn
DeleteObject
CreateICA
SelectObject
SetViewportOrgEx
RealizePalette
GetPaletteEntries
CreateCompatibleBitmap
GetDeviceCaps
CreateDCA
CreatePatternBrush
BitBlt
StretchDIBits
CreateFontA
PlayMetaFile
ExtTextOutA
CreateBitmap

user32

EnableWindow
ShowWindow
ScreenToClient
InvalidateRect
CreateWindowExA
DefWindowProcA
ReleaseDC
SetWindowLongA
CharLowerA
EndDialog
GetClassNameA
IsWindow
ReleaseCapture
PostMessageA
ClipCursor
LoadCursorA
MessageBoxA
GetWindowRect
KillTimer
SetDlgItemInt
SetFocus
GetSysColor
OffsetRect
GetDC
wsprintfA
SetCapture
SendDlgItemMessageA
GetDlgItem
GetClientRect
ClientToScreen
SetWindowTextA
GetMenuItemID
RegisterClassA
GetWindowTextA
SetRect
SetCursor
GetParent
PtInRect
LoadStringA
GetCursorPos
GetDlgItemInt
GetWindowPlacement
CallWindowProcA
EnumChildWindows
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowTextLengthA
InsertMenuA
SendMessageA
FindWindowA
DeleteMenu
LoadBitmapA
SetWindowPos
DestroyWindow
SetTimer
CharPrevA
MoveWindow
FillRect
GetDesktopWindow
GetWindowLongA
EndPaint
CallNextHookEx
CharNextA
DialogBoxParamA
IsIconic
BeginPaint
wvsprintfA
CreateDialogParamA
WinHelpA
SystemParametersInfoA
GetSystemMetrics

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3d15145a9c759e900b53d5db32b0b2f

Headers

DLL Characteristics

File Characteristics

Imports

version

advpack

advapi32

kernel32

gdi32

user32

shell32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 39KB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 56KB - Virtual size: 56KB

.rsrc Size: 345KB - Virtual size: 345KB

.idata Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 39KB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 345KB - Virtual size: 345KB

.idata
Size: 6KB - Virtual size: 6KB