28f9d716140d0683933e0527c170c2ac

Sharing

Copy URL Twitter E-mail

General

Target

28f9d716140d0683933e0527c170c2ac
Size

297KB
MD5

28f9d716140d0683933e0527c170c2ac
SHA1

9324f7d17e2cf4242fd4d4a57f446eb642436514
SHA256

f58fbd064ebf6d5ef5adb50d14beb5572c8c5e0b23012e18d21ac21a9ae578de
SHA512

5453be0a816735417490654b2ef193921e0f4a92d60917474d42ae804a9612be18090b108aba1efce25d42adf75d2d3b4f74cb42dc60219351297d97364ee655
SSDEEP

6144:D+JfSlRrIba74DlVY0DE98TexVU24pi9:wf4Iba8DlVY0o98TaVY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f9d716140d0683933e0527c170c2ac

Files

28f9d716140d0683933e0527c170c2ac
.exe windows:4 windows x86 arch:x86

2117730baaea5bb5d1865d9f53a75825

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CopyFileA
GlobalLock
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalUnlock
CreateEventA
TlsGetValue
TlsAlloc
DuplicateHandle
TlsSetValue
CreateSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
GetModuleHandleA
GetPrivateProfileStringA
GetSystemDirectoryA
WinExec
GetDiskFreeSpaceA
GetFileSize
RemoveDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
SetLastError
GetStartupInfoA
GlobalAlloc
GetWindowsDirectoryA
WritePrivateProfileStringA
FindNextFileA
FindClose
FindFirstFileA
CreateDirectoryA
SetFileAttributesA
MoveFileA
GetCurrentThread
CreateFileA
CreateThread
CreateProcessA
GetLastError
CreateMutexA
lstrcpynA
lstrcpyA
lstrcatA
lstrlenA
GetTickCount
Sleep
lstrcmpA
DeleteFileA
SetEvent
SetPriorityClass
FormatMessageA
ExitProcess
GetProcAddress
GetComputerNameA
GetCurrentProcess
SetThreadPriority
WriteFile
GetShortPathNameA
MoveFileExA
SearchPathA
GetModuleFileNameA
FreeLibrary
CloseHandle
GlobalMemoryStatus
LoadLibraryA
GetVersionExA
SetProcessShutdownParameters
GetSystemInfo
GetDriveTypeA
GetLogicalDriveStringsA
IsBadStringPtrA
ResumeThread

advapi32

RegEnumKeyExA
DeregisterEventSource
ControlService
DeleteService
RegOpenKeyA
RegDeleteValueA
LockServiceDatabase
CreateServiceA
RegCreateKeyA
RegSetValueExA
UnlockServiceDatabase
RegisterServiceCtrlHandlerA
SetServiceStatus
GetServiceDisplayNameA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
StartServiceA
RevertToSelf
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
ReportEventA
RegisterEventSourceA

comctl32

ImageList_Add
ImageList_Create
ImageList_ReplaceIcon

comdlg32

GetSaveFileNameA

gdi32

CreateRectRgnIndirect
GetStockObject
GetDIBits
CreateRectRgn
GetRegionData
DeleteDC
SelectObject
GetDeviceCaps
CreateDIBSection
CreateCompatibleDC
CombineRgn
CreateDCA
DeleteObject
BitBlt

msvcrt

_CxxThrowException
_except_handler3
realloc
_ftol
_XcptFilter
?terminate@@YAXXZ
_exit
__getmainargs
exit
_acmdln
_adjust_fdiv
_initterm
__setusermatherr
_beginthreadex
_endthreadex
calloc
_ltoa
_itoa
_strlwr
_ftime
_access
??1type_info@@UAE@XZ
fflush
_controlfp
_onexit
__dllonexit
__p__fmode
__set_app_type
__p__commode
strstr
free
fgetc
??2@YAPAXI@Z
fclose
fwrite
fopen
malloc
__CxxFrameHandler
strchr
fread
ftell
fseek
strncpy
strrchr
fputs
_strtime
_strdate
??3@YAXPAX@Z
isdigit
atoi
rand
srand
memmove
rename
sprintf
_strdup
localtime
time
atol
gmtime
strftime
strtok
sscanf
strncmp
asctime

shell32

ShellExecuteA
Shell_NotifyIconA

user32

GetThreadDesktop
OpenInputDesktop
OpenDesktopA
PostThreadMessageA
wvsprintfA
ChangeDisplaySettingsA
EnumDisplaySettingsA
DispatchMessageA
TranslateMessage
GetMessageA
ExitWindowsEx
CharToOemA
SystemParametersInfoA
MessageBeep
keybd_event
MapVirtualKeyA
GetAsyncKeyState
VkKeyScanA
FlashWindow
SetWindowPos
SetClassLongA
GetDesktopWindow
SetWindowTextA
SetFocus
ShowWindow
MoveWindow
LoadStringA
GetKeyboardState
CloseDesktop
KillTimer
IntersectRect
GetWindowRect
WindowFromPoint
mouse_event
IsWindowVisible
EnumWindows
GetTopWindow
GetForegroundWindow
IsRectEmpty
UnionRect
OffsetRect
GetCaretPos
EnumDesktopWindows
PeekMessageA
ReleaseDC
DestroyWindow
ChangeClipboardChain
SetClipboardViewer
SetThreadDesktop
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RemovePropA
SetPropA
GetPropA
GetClipboardData
GetClipboardOwner
FindWindowA
GetProcessWindowStation
GetUserObjectInformationA
EndDialog
GetDlgItem
SendMessageA
MessageBoxA
GetDlgItemTextA
GetDlgItemInt
IsDlgButtonChecked
EnableWindow
SetDlgItemInt
SetDlgItemTextA
CheckDlgButton
GetSystemMetrics
LoadBitmapA
BringWindowToTop
DialogBoxParamA
GetWindowLongA
CheckMenuItem
PostMessageA
DefWindowProcA
GetSubMenu
GetCursorPos
SetForegroundWindow
EnableMenuItem
TrackPopupMenu
wsprintfA
DestroyMenu
LoadIconA
LoadCursorA
RegisterClassExA
SetTimer
SetWindowLongA
PostQuitMessage
LoadMenuA
RegisterWindowMessageA
SetSysColors
SetMenuDefaultItem
CreateWindowExA

ws2_32

WSAIoctl

Sections

#*%!
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2117730baaea5bb5d1865d9f53a75825

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

msvcrt

shell32

user32

ws2_32

Sections

#*%! Size: 276KB - Virtual size: 276KB

.rsrc Size: 13KB - Virtual size: 16KB

.avp Size: 6KB - Virtual size: 8KB

#*%!
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 13KB - Virtual size: 16KB

.avp
Size: 6KB - Virtual size: 8KB