c28542a089d7fd3741b7ddb7f17517ec

Sharing

Copy URL Twitter E-mail

General

Target

c28542a089d7fd3741b7ddb7f17517ec
Size

613KB
MD5

c28542a089d7fd3741b7ddb7f17517ec
SHA1

46f8a661e594c08a227baa1591a44d82bfcc5a43
SHA256

41ed3a4683fe3a8819e977b7f2c0fb6b4b20ffa26dc9011d76bc9ef7f5026ce2
SHA512

c0d488316b686686ab7386098ca9c72cfa5a6fbd03cc6e3364f9cf28f3cf1b6727464a2bc3068e4c5f1965edb1ef4a204c4c2e23e9cb63bad01b9b773f58326e
SSDEEP

12288:UMXAHGai9f7vpThxk11/Z1Ysa8B2U1LYjGxjLWsh1juWgFa+V:UrHliz1y1/Zda8B36jgysnWTV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c28542a089d7fd3741b7ddb7f17517ec

Files

c28542a089d7fd3741b7ddb7f17517ec
.exe windows:4 windows x86 arch:x86

14676d6bf75315315b723d0b636078d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
GetStockObject
DeleteDC
CreateSolidBrush

kernel32

GetVersion
GetLastError
GetTickCount
GetCurrentThreadId
GetCommandLineA
GetCurrentThread
GetModuleHandleA
ExitProcess
GetCurrentProcessId
HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualFree
FindResourceW
HeapCreate
IsValidCodePage
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
TlsFree
MapViewOfFile
CompareStringA
RaiseException
InterlockedCompareExchange
HeapSize
GetCPInfo
GetEnvironmentStrings
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
lstrlenA
UnmapViewOfFile
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
SizeofResource
GlobalLock
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
ResetEvent
GlobalFree
FindNextFileW
WriteFile
CompareStringW
GetProcAddress
DeleteFileW
SetEvent
GetEnvironmentVariableA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
GetStdHandle

oleaut32

SysAllocStringLen
SysFreeString
VariantClear

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoUninitialize

user32

SetForegroundWindow
PostQuitMessage
LoadBitmapA
IsWindow
GetDC
GetClientRect
SetCursor
CallWindowProcA
DrawTextA
SendMessageA
IsWindowVisible
SystemParametersInfoA
GetSysColor
SetWindowTextA
GetFocus
ReleaseDC
LoadCursorA
ScreenToClient
GetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
BeginPaint
SetFocus
EndPaint
SetTimer
GetSubMenu
EnableMenuItem
LoadStringA
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow

Sections

.text
Size: 575KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14676d6bf75315315b723d0b636078d2

Headers

File Characteristics

Imports

gdi32

kernel32

oleaut32

ole32

user32

Sections

.text Size: 575KB - Virtual size: 898KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 18KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 575KB - Virtual size: 898KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 11KB - Virtual size: 10KB