28eea34eaf2ab86f9a4a6710f5d355df

Sharing

Copy URL Twitter E-mail

General

Target

28eea34eaf2ab86f9a4a6710f5d355df
Size

1.8MB
MD5

28eea34eaf2ab86f9a4a6710f5d355df
SHA1

8c2535df441a6fed46d070a6567d2cfa5bedda10
SHA256

4f4e002106bf74ab2e8dab5b2c68b2c150e5b72504d6dda428278f0018ba47d6
SHA512

cad6fbf652a646145e57e2d7d319f2f338d0b8b366200f1a4517fb8401d311acc7bf329b810fab67eefa636126e306254a5b0cac9e11b9e30c2b0350e1cb8223
SSDEEP

49152:7cQPtqCG0jh3RM54tcL7S1fAEH5d4ZOYrhsNvlKBhfB+TYi9xMRvE:7tqF09SiiCRd4ZDaKVsxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28eea34eaf2ab86f9a4a6710f5d355df

Files

28eea34eaf2ab86f9a4a6710f5d355df
.exe windows:5 windows x86 arch:x86

488d2d6e5c5d9e7f61dd79126da2d396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetCurrentDirectoryA
RtlUnwind
ExitThread
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
SetStdHandle
GetFileType
GetACP
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCPInfo
GetProfileStringA
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetFileTime
GetFileSize
GetFileAttributesA
FindNextFileA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
lstrcmpA
SetLastError
lstrlenW
SuspendThread
SetThreadPriority
GetThreadLocale
FormatMessageA
LocalFree
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WriteFile
ReadFile
lstrcpynA
CreateMutexA
CreateThread
DeleteFileA
SetEvent
ResetEvent
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
GetTickCount
lstrcpyA
CreateFileA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
WinExec
GetStdHandle
CreateProcessA
GetPrivateProfileIntA
Sleep
GetModuleFileNameA
ReadProcessMemory
VirtualProtectEx
OpenProcess
MultiByteToWideChar
CloseHandle
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
LoadLibraryA
FreeLibrary
GetThreadContext
VirtualAllocEx
WriteProcessMemory
SetThreadContext
GetCurrentProcess
FlushInstructionCache
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetVersionExA
WritePrivateProfileStringA

user32

ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsIconic
DrawIcon
FillRect
GetDC
ReleaseDC
SetRect
GetSystemMenu
IsWindowVisible
ReleaseCapture
RedrawWindow
SetCapture
GetSystemMetrics
PeekMessageA
TranslateMessage
DispatchMessageA
LoadImageA
LoadMenuA
GetSubMenu
RegisterWindowMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
SetForegroundWindow
GetCursorPos
UpdateWindow
GetDesktopWindow
SystemParametersInfoA
SetWindowPos
DrawFocusRect
GetSysColor
IsWindow
GetFocus
InvalidateRect
GetWindowRect
BringWindowToTop
GetParent
SendMessageA
LoadIconA
GetMessagePos
ScreenToClient
AdjustWindowRectEx
SetFocus
MapWindowPoints
SendDlgItemMessageA
PtInRect
KillTimer
SetCursor
SetTimer
LoadBitmapA
GetClientRect
DrawIconEx
CopyRect
DrawTextA
LoadCursorA
PostMessageA
SetDlgItemTextA
AppendMenuA
PostThreadMessageA
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
GetClassNameA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
LoadStringA
WindowFromPoint
DestroyMenu
CharUpperA
FindWindowA
SetWindowLongA
CopyAcceleratorTableA
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
ValidateRect
CharNextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
GetKeyState
IsDialogMessageA
GetSysColorBrush

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
DPtoLP
LPtoDP
SetBkMode
RestoreDC
SaveDC
GetBkColor
GetTextColor
GetClipBox
GetTextExtentPoint32A
SelectObject
DeleteDC
GetDeviceCaps
CreateFontIndirectA
StretchBlt
DeleteObject
SetBoundsRect
GetObjectA
CreateFontA
CreateSolidBrush
SetTextColor
SetBkColor
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
CreateBitmap
CreateDIBitmap
GetTextExtentPointA
BitBlt

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

ord17
_TrackMouseEvent
ImageList_Destroy

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal

olepro32

ord251
ord253

oleaut32

SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime
SysAllocString
SysAllocStringLen
VariantChangeType
VariantCopy
VariantClear
SysFreeString
LoadTypeLi

urlmon

URLDownloadToFileA

wsock32

inet_addr
WSAStartup
WSACleanup
getsockopt
send
recv
bind
ioctlsocket
connect
getsockname
ntohl
ntohs
htonl
socket
closesocket
select
sendto
recvfrom
htons
gethostname
gethostbyname

skinh

SkinH_Attach
SkinH_AdjustHSV
SkinH_DetachEx
SkinH_SetBackColor

wininet

InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry

rasapi32

RasDeleteEntryA
RasEnumConnectionsA
RasHangUpA
RasEnumDevicesA
RasSetEntryPropertiesA
RasValidateEntryNameA
RasDialA
RasGetErrorStringA
RasGetConnectStatusA

suyouhook

ReleaseGlobalProxyInstance
GetGlobalProxyInstance

shlwapi

PathStripPathA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 632KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sydata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sydata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

488d2d6e5c5d9e7f61dd79126da2d396

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wsock32

skinh

wininet

rasapi32

suyouhook

shlwapi

msvcrt

iphlpapi

psapi

Sections

.text Size: 632KB - Virtual size: 632KB

.sydata Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 28KB - Virtual size: 28KB

.sydata Size: 4KB - Virtual size: 4KB

.text
Size: 632KB - Virtual size: 632KB

.sydata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 28KB - Virtual size: 28KB

.sydata
Size: 4KB - Virtual size: 4KB