AdobeReader[.]pdf [.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

AdobeReader.pdf .exe
Size

176KB
MD5

8942bfeee9b6307a5e2e5cc7b3c24d9d
SHA1

ae57b351dc9beb723156851e4354ab7a01c3e219
SHA256

e1314f6cf405c1c286322d02efffa9b218206edd71f71f1fb5666053b121ac05
SHA512

fe47db31905578028a88329657d0b4fd7d9a9f0ea8a77db2fb8571bade69b34aaf93dc29a560a092c14de13289ac1d74123aa588200228f839b39802082fc87f
SSDEEP

3072:g4stNvqEH8K4WGBAXwMzhSvcP00BPE9fdtKGxA808/s7o+7qKWeLscMlMbh:gZfCnWtXwMzhSvHfdtRmqKAI

Score

N/A

Malware Config

Signatures

Files

AdobeReader.pdf .exe
.exe windows x64

925011a4954807e24c394d7b434c72aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

urlmon

URLDownloadToFileA

kernel32

GetModuleHandleW
WinExec
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcessId
IsDebuggerPresent

vcruntime140

memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_get_initial_narrow_environment
_register_thread_local_exe_atexit_callback
terminate
_initialize_narrow_environment
_configure_narrow_argv
_crt_atexit
_c_exit
_initterm
_set_app_type
_seh_filter_exe
exit
_cexit
__p___argv
__p___argc
_initterm_e
_exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

925011a4954807e24c394d7b434c72aa

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 396B

.rsrc Size: 166KB - Virtual size: 165KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 396B

.rsrc
Size: 166KB - Virtual size: 165KB

.reloc
Size: 512B - Virtual size: 40B