fd37434cf55f454593ba2a35c2e14d74fc4d14787f5e01dfc36364860ed1b485

Sharing

Copy URL Twitter E-mail

General

Target

fd37434cf55f454593ba2a35c2e14d74fc4d14787f5e01dfc36364860ed1b485
Size

25KB
MD5

e885021abf23baa572fbaa4278b5c0b6
SHA1

92f5005f1d1a30eb1f90b3257adb5e2a6d9b707c
SHA256

fd37434cf55f454593ba2a35c2e14d74fc4d14787f5e01dfc36364860ed1b485
SHA512

b713caf93a3b2a23b9f146250e9338a1ffef9bc5f5e1c273715a7bb4c1221faa4cdb1210945c948837bb27bfe9fb6d569a11fbba78229794ebf30caa10beb039
SSDEEP

768:+PPn+JHVyGDiNmrXO0tugZy5VtMbjuKjUTh+j6wJc6ot:O2JHIfNmrnS1otjK6ot

Score

N/A

Malware Config

Signatures

Files

fd37434cf55f454593ba2a35c2e14d74fc4d14787f5e01dfc36364860ed1b485
.zip
sADblock.exe
.exe windows x86

58c067723d058b3d21b2a4cfeb318c26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualFree
WriteFile
OpenProcess
Sleep
GetFileAttributesW
IsBadWritePtr
CreateFileW
lstrlenW
GetStartupInfoW
WritePrivateProfileStringW
GetLastError
VirtualAlloc
Process32FirstW
WaitForSingleObject
lstrcmpiW
lstrcatW
CreateToolhelp32Snapshot
GetShortPathNameW
GetCurrentThreadId
ReleaseMutex
CloseHandle
EnumResourceLanguagesW
DeleteFileW
lstrcpyW
RtlZeroMemory
CreateThread
GetCurrentProcess
MoveFileExW
FindResourceExW
CreateMutexW
ExitProcess
LockResource
GetProcAddress
SizeofResource
LoadResource
FreeLibrary
FindResourceW
Process32NextW
FreeResource

user32

wsprintfW
LoadIconW
OffsetRect
SystemParametersInfoW
GetDlgItem
SendDlgItemMessageW
SetFocus
SetWindowsHookExW
UnhookWindowsHookEx
MessageBoxW
SetDlgItemTextW
SendMessageW
EnableWindow
SetWindowTextW
CopyRect
GetWindowThreadProcessId
ExitWindowsEx
AttachThreadInput
GetParent
DialogBoxParamW
IsIconic
GetWindowRect
SetWindowPos
EndDialog

msvcrt

memset
wcsncpy
malloc
_wtof
free

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ord17

gdi32

CreateFontW
GetObjectW
DeleteObject

advapi32

RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
OpenProcessToken
RegDeleteValueW
LookupPrivilegeValueW
RegQueryValueExW

psapi

GetModuleFileNameExW

shell32

ShellExecuteExW
SHGetPathFromIDListW
ord165
SHBrowseForFolderW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58c067723d058b3d21b2a4cfeb318c26

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

version

comctl32

gdi32

advapi32

psapi

shell32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 28KB - Virtual size: 27KB