28def76170228ad4b75a87399c2589f0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

28def76170228ad4b75a87399c2589f0N.exe
Size

1.8MB
MD5

28def76170228ad4b75a87399c2589f0
SHA1

ca88bdbb565f25ca6454a2d10f0ac52e2c066fb1
SHA256

bbbd587fde2952155ca917193c6a512a9a02833116931fcf2733f30b06ca8f01
SHA512

b2f63ba11f1f62da1223c2a64644186a9dcff5c1ab3f84b92bf5481831c78963f1cb1c7c1b18eb386dbf4cb50febeda173ed14346655a31e0e85d2bd7b17ec02
SSDEEP

49152:CVcoxv1ZFWDSLv/Zp+Vg+kJxhx96S7knMxTUGo:mcY9WD+v/hV8MxTUGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28def76170228ad4b75a87399c2589f0N.exe

Files

28def76170228ad4b75a87399c2589f0N.exe
.exe windows:4 windows x86 arch:x86

ed0b6ae17a9b35148e297591d68483b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\Atelier\Game\Src\Release_ru\Модный Дом.pdb

Imports

kernel32

ReadFile
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
SetEndOfFile
LocalFree
GetLocalTime
SystemTimeToFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileA
FreeLibrary
GetTickCount
LeaveCriticalSection
MulDiv
FileTimeToSystemTime
GetSystemDirectoryA
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetFileTime
CloseHandle
MapViewOfFile
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
InitializeCriticalSection
Sleep
IsBadWritePtr
SetThreadPriority
FindFirstFileA
GetLastError
FindClose
CreateFileMappingA
GetModuleFileNameA
FindNextFileA
GetThreadPriority
VirtualProtect
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetCurrentProcessId
DeleteFileA
InterlockedDecrement
GlobalLock
GetCommandLineA
GlobalAlloc
MultiByteToWideChar
GlobalUnlock
GlobalFree
GetModuleHandleA
CreateMutexA
GetFileSize
InterlockedIncrement
WideCharToMultiByte
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitThread
ResumeThread
CreateThread
CreateDirectoryA
GetDriveTypeA
GetFullPathNameA
HeapReAlloc
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
FlushFileBuffers
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
RemoveDirectoryA

winmm

mixerGetLineControlsA
PlaySoundA
timeEndPeriod
timeGetTime
timeBeginPeriod
mixerOpen
mixerGetLineInfoA
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA

wsock32

recv
send
gethostbyname
closesocket
__WSAFDIsSet
inet_ntoa
connect
WSACleanup
htons
WSAGetLastError
select
ioctlsocket
WSAStartup
socket

gdi32

GetTextExtentPoint32A
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
GetTextMetricsA
IntersectClipRect
TextOutA
GetStockObject
GetObjectA

advapi32

RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

shell32

ShellExecuteA

user32

DestroyCaret
EndPaint
CloseClipboard
ScreenToClient
GetWindowRect
IsIconic
SetCapture
SetForegroundWindow
CreateCursor
EnumDisplaySettingsA
WindowFromPoint
RegisterWindowMessageA
BeginPaint
EnumWindows
GetWindowPlacement
MoveWindow
GetSystemMetrics
AdjustWindowRectEx
ReleaseDC
OffsetRect
GetDC
DrawTextExA
GetClientRect
GetWindowInfo
FillRect
ClientToScreen
RegisterClassA
LoadCursorA
AdjustWindowRect
SetWindowTextA
MessageBoxW
DispatchMessageA
CreateWindowExW
GetSysColorBrush
ShowWindow
DefWindowProcA
CreateWindowExA
MessageBoxA
GetWindowTextA
TranslateMessage
SendMessageA
SetFocus
LoadIconA
SetTimer
SetWindowLongA
SetCursor
DestroyWindow
SetCaretPos
CreateCaret
GetMessageA
ShowCaret
HideCaret
DefWindowProcW
ChangeDisplaySettingsA
DialogBoxIndirectParamA
SetClipboardData
IsWindowVisible
ReleaseCapture
SystemParametersInfoA
OpenClipboard
PostMessageA
GetActiveWindow
GetCursorPos
DestroyCursor
EndDialog
GetDlgItem
EmptyClipboard
PeekMessageA
GetClipboardData
GetWindowLongA

ole32

CoInitialize

oleaut32

VariantClear

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed0b6ae17a9b35148e297591d68483b2

Headers

File Characteristics

PDB Paths

Imports

kernel32

winmm

wsock32

gdi32

advapi32

shell32

user32

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 192KB - Virtual size: 188KB

.data Size: 60KB - Virtual size: 306KB

.rsrc Size: 476KB - Virtual size: 472KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 192KB - Virtual size: 188KB

.data
Size: 60KB - Virtual size: 306KB

.rsrc
Size: 476KB - Virtual size: 472KB