d428712677dfdbbba6e1cb83dc26ca0f

Sharing

Copy URL

Twitter E-mail

General

Target

d428712677dfdbbba6e1cb83dc26ca0f
Size

740KB
MD5

d428712677dfdbbba6e1cb83dc26ca0f
SHA1

2dfde91158b5435bfe20737cc43ff3b01281b620
SHA256

5a6003f00fbf1d6fbe0fc34abd8f34779c9eb4c5213573c9e2e0391de0578d84
SHA512

3d0dda1d3ead949d274e8a4cb3eacc3081e0e03a8b326de7b1de8679d42474f1a4f9a495eb3d8c87c19657738be495409aacebb417a6d94f9f52fa02c68d4785
SSDEEP

12288:p38LDLjECzzMMERVDoGs4Fi9F91mCh+6/TP2PK6V6xEE9GbyF/d82:G8MEfs4qNmCh+6iPK6V6wbcF1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d428712677dfdbbba6e1cb83dc26ca0f

Files

d428712677dfdbbba6e1cb83dc26ca0f
.exe windows:4 windows x86 arch:x86

2560c19d81a216c53cebc7ad8da03c05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
CreateStatusWindowW
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_DragEnter
ImageList_Duplicate
ImageList_SetIconSize
ImageList_LoadImage

wininet

SetUrlCacheEntryInfoA
DeleteUrlCacheEntryW
GopherCreateLocatorW

advapi32

LookupSecurityDescriptorPartsA
CreateServiceW
RegFlushKey
ReportEventA
CryptGetHashParam
CryptSignHashA
RegRestoreKeyA
CryptEnumProvidersA
CryptSetProviderW
RegSetValueA
CryptGetUserKey
CryptVerifySignatureW

comdlg32

GetSaveFileNameA

kernel32

HeapFree
GetCommandLineW
GetStringTypeA
ExitProcess
CreateFileA
HeapAlloc
WideCharToMultiByte
GetLastError
HeapReAlloc
VirtualAlloc
GetStartupInfoA
FreeEnvironmentStringsA
RaiseException
IsBadReadPtr
GetCommandLineA
EnterCriticalSection
FreeLibrary
GetStringTypeW
CompareStringA
GetLocaleInfoW
GetTickCount
GetEnvironmentStrings
GetFileType
CloseHandle
OutputDebugStringW
InterlockedDecrement
GetConsoleCP
GetACP
GetStdHandle
GetUserDefaultLCID
GetCurrentThreadId
HeapDestroy
WriteFile
RtlUnwind
GetDateFormatA
LeaveCriticalSection
InterlockedIncrement
GetNamedPipeInfo
GetCPInfo
CompareStringW
SetEvent
SetStdHandle
lstrlenA
SetHandleCount
IsValidLocale
SetEnvironmentVariableA
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetCurrentProcessId
FillConsoleOutputCharacterW
VirtualQuery
GetOEMCP
QueryPerformanceCounter
GetProcessHeap
GetConsoleMode
HeapCreate
GetCurrentThread
OpenMutexA
FindNextFileA
WriteConsoleW
LCMapStringA
TlsGetValue
ConnectNamedPipe
TerminateProcess
GetLocaleInfoA
GetStartupInfoW
SetLastError
GetModuleFileNameW
SetFilePointer
IsValidCodePage
OutputDebugStringA
GetTimeFormatA
ReadFile
GetModuleFileNameA
GetProcessHeaps
FlushFileBuffers
LCMapStringW
lstrcpy
InitializeCriticalSection
UnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
GetSystemTimeAsFileTime
IsDebuggerPresent
GetTimeZoneInformation
DebugBreak
CreateMutexA
GetCurrentProcess
VirtualFree
GetVersionExA
TlsFree
HeapValidate
LoadLibraryW
InterlockedExchange
TlsSetValue
MultiByteToWideChar
FreeEnvironmentStringsW
DeleteCriticalSection
GetConsoleOutputCP
EnumSystemLocalesA
SetUnhandledExceptionFilter
WriteConsoleInputW
WriteConsoleA
TlsAlloc
GetProcAddress

user32

DestroyWindow
RegisterClassExA
GetQueueStatus
ExcludeUpdateRgn
SetWindowRgn
GetActiveWindow
CharNextW
GetTabbedTextExtentA
LoadKeyboardLayoutW
SetCaretBlinkTime
DdeClientTransaction
CharToOemA
ChangeDisplaySettingsExA
RemovePropA
RegisterClassA
IsCharAlphaW
GetUpdateRect
CheckRadioButton
OemToCharA
UnpackDDElParam
CascadeChildWindows
GetShellWindow
GetTopWindow
MessageBoxA
MapWindowPoints
ScreenToClient
EndDeferWindowPos
SetWindowTextA
DefMDIChildProcA
DefWindowProcW
GetWindowLongW
MapVirtualKeyExA
SetShellWindow
DdeSetQualityOfService
FindWindowW
ShowWindow
ClientToScreen
BlockInput
CreateWindowExW
UnregisterClassW
GetMessageA
GetClassInfoA
GetMenuStringA

gdi32

GetObjectA
SetMetaRgn
CreateDCW
GetDeviceCaps
MaskBlt
DeleteObject
RealizePalette
DeleteDC

Sections

.text
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2560c19d81a216c53cebc7ad8da03c05

Headers

File Characteristics

Imports

comctl32

wininet

advapi32

comdlg32

kernel32

user32

gdi32

Sections

.text Size: 324KB - Virtual size: 320KB

.rdata Size: 284KB - Virtual size: 281KB

.data Size: 116KB - Virtual size: 144KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 324KB - Virtual size: 320KB

.rdata
Size: 284KB - Virtual size: 281KB

.data
Size: 116KB - Virtual size: 144KB

.rsrc
Size: 12KB - Virtual size: 11KB