2024-09-28_bc5c8cbbe66ca3ea05604509d334e617_gandcrab

General

Target

2024-09-28_bc5c8cbbe66ca3ea05604509d334e617_gandcrab
Size

97KB
MD5

bc5c8cbbe66ca3ea05604509d334e617
SHA1

084ed6abd5ded9948bf7d0a41b3c99cb35208426
SHA256

79300246f195358830de5994005b0398924482e774a3244748c3b71d98b8ebaf
SHA512

47fbbf0479247c0fb94f1644ebd0c170dea89d29349181a125b4afbd5eb39367951b35a9e225dc5b790a9384e359b2fc96eec0853fb0156c4b87fa2cf8ce94f0
SSDEEP

1536:ufuwLvvKeqM0TRl79lvhWAwVl5OpqIyedIVjC3E8dzcrHuTcxLUllPR:umwLXnqM0Nl795twDIyeeBG+HUiUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-28_bc5c8cbbe66ca3ea05604509d334e617_gandcrab

Files

2024-09-28_bc5c8cbbe66ca3ea05604509d334e617_gandcrab
.exe windows:5 windows x86 arch:x86

e9264c5916633be0d6c9c99ccb9ae03a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
CloseHandle
VirtualUnlock
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetLastError
EnterCriticalSection
LeaveCriticalSection
VirtualLock
WriteFile
GetSystemTime
GetModuleHandleW
CreateFileW
GetVolumeInformationW
WideCharToMultiByte
WaitForSingleObject
GetModuleHandleA
GlobalAlloc
GlobalFree
LocalAlloc
MulDiv
GetTempPathW
VirtualQuery
DeleteCriticalSection
LoadLibraryExW
GetSystemDirectoryW
ReadFile
ConnectNamedPipe
CreateEventW
ExpandEnvironmentStringsW
CreateNamedPipeW
GetFullPathNameW
GetCurrentProcess
InitializeCriticalSection
ExitThread
ExitProcess
GetProcessHeap
VirtualFree
VirtualAlloc
lstrlenW
Sleep
GetModuleFileNameW
LoadLibraryW

user32

GetDC
ReleaseDC
FillRect
DrawTextA
wsprintfA
wsprintfW
DrawTextW

gdi32

SetBitmapBits
GetBitmapBits
CreateBitmap
GetObjectW
CreateCompatibleDC
CreateFontW
DeleteDC
DeleteObject
GetDeviceCaps
GetDIBits
GetPixel
GetStockObject
SelectObject
SetBkColor
SetPixel
SetTextColor
CreateCompatibleBitmap

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9264c5916633be0d6c9c99ccb9ae03a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 26KB - Virtual size: 26KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 26KB - Virtual size: 26KB

.reloc
Size: 1KB - Virtual size: 1KB