fd59adc14fcf237df3fd1cad29df0a74

Sharing

Copy URL Twitter E-mail

General

Target

fd59adc14fcf237df3fd1cad29df0a74
Size

22KB
MD5

fd59adc14fcf237df3fd1cad29df0a74
SHA1

2451bad7a285951040a007ae71860289ff55471b
SHA256

71fd10209c60d161f54a3741f4b45ba98bd9412145f2af83fc1e06c9954c23e6
SHA512

b964f50f5bcfb15911248dbc338f50d8a60ce31e4912d5423640aa854423cde0ec0d7606bc05468755c5e45e6eb3347ec73b97cc9bd997b580430d65a0e6a089
SSDEEP

384:YfBGpmQvTWa+hkoBydytTfJAp1/WWNrsWdIA:G0pmQv+WbytDJApEWNFI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd59adc14fcf237df3fd1cad29df0a74

Files

fd59adc14fcf237df3fd1cad29df0a74
.exe windows:5 windows x86 arch:x86

20f8be1c8cf7e32a1fe932ee0f3913f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFirmwareEnvironmentVariableA
InterlockedExchangeAdd
GetLastError
ReleaseMutex
WaitNamedPipeA
FileTimeToLocalFileTime
TransactNamedPipe
GetStringTypeExA
GetEnvironmentStringsA
ConnectNamedPipe
FileTimeToDosDateTime
DeleteFileA
CreateMutexA
GetNamedPipeInfo
InterlockedDecrement
GetStringTypeA
lstrcmpA
CompareStringA
OpenMutexA
WriteFileGather
WriteFileEx
InterlockedPushEntrySList
GetFileAttributesExA
lstrlenA
GetEnvironmentVariableA
WriteFile
CallNamedPipeA
lstrcmpiA
GetSystemTime
GetCurrentProcessId
ReadFileScatter
InterlockedPopEntrySList
CloseHandle
ReadFile
GetSystemTimeAdjustment
InterlockedIncrement
SetFilePointerEx
GetFileAttributesA
SetFilePointer
lstrcpyA
GetFileTime
InterlockedExchange
VirtualAlloc
FreeEnvironmentStringsA
SetNamedPipeHandleState
GetLocalTime
CreateFileA
PeekNamedPipe
DosDateTimeToFileTime
SetEnvironmentVariableA
ExpandEnvironmentStringsA
InterlockedFlushSList
VirtualFree
DisconnectNamedPipe
InterlockedCompareExchange
IsBadStringPtrA
lstrcatA
GetFirmwareEnvironmentVariableA
GetProcessHeaps
GetSystemTimes
HeapCreate
GetSystemTimeAsFileTime
ReadFileEx
GetNamedPipeHandleStateA

cryptui

I_CryptUIProtectFailure
CryptUIDlgSelectCertificateFromStore
DllUnregisterServer
CryptUIFreeCertificatePropertiesPagesA
CryptUIStartCertMgr
CryptUIDlgFreeCAContext
CryptUIWizCertRequest
CryptUIGetViewSignaturesPagesA
CryptUIWizExport
CryptUIFreeViewSignaturesPagesA
CryptUIDlgCertMgr
LocalEnroll
RetrievePKCS7FromCA
CryptUIWizImport
CryptUIDlgViewContext
CryptUIWizDigitalSign
CryptUIDlgViewCertificateA
EnrollmentCOMObjectFactory_getInstance
CryptUIDlgSelectCertificateA
CryptUIDlgViewCRLA
LocalEnrollNoDS
CryptUIWizQueryCertRequestNoDS
CryptUIWizSubmitCertRequestNoDS
CryptUIWizBuildCTL
CryptUIDlgViewCTLA
CryptUIWizFreeCertRequestNoDS
I_CryptUIProtect
CryptUIWizCreateCertRequestNoDS
ACUIProviderInvokeUI
CryptUIDlgViewCertificatePropertiesA
CryptUIDlgViewSignerInfoA
CryptUIWizFreeDigitalSignContext
DllRegisterServer

user32

GetWindowTextA
SetMenu
OpenClipboard
CharNextA
MessageBeep
UpdateWindow
DialogBoxParamA
SetWindowTextA
GetWindowLongA
DrawTextA
DefWindowProcA
SetProcessDefaultLayout
SetDlgItemInt
PostQuitMessage
GetDesktopWindow
SetWindowPos
SendMessageA
GetWindowRect
SetCursor
CallWindowProcA
DestroyMenu
ShowWindow
LoadIconA
GetMessageA
SetFocus
CloseClipboard
LoadStringA
GetDlgCtrlID
HideCaret
ScreenToClient
IsDialogMessageA
EndDialog
OffsetRect
GetSysColorBrush
RegisterClassExA
GetProcessDefaultLayout
WinHelpA
GetSubMenu
GetMenu
LoadCursorA
IsChild
MapWindowPoints
SetDlgItemTextA
CheckMenuItem
ChildWindowFromPoint
IsClipboardFormatAvailable
DispatchMessageA
CheckMenuRadioItem
GetSysColor
SetWindowLongA
GetDlgItem
EnableMenuItem
EnableWindow
CreateWindowExA
EndPaint
TrackPopupMenuEx
LoadAcceleratorsA
CheckRadioButton
MessageBoxA
DestroyWindow
BeginPaint
SystemParametersInfoA
CreateDialogParamA
GetClipboardData
LoadMenuA
InvalidateRect
TranslateMessage

advpack

TranslateInfString
RebootCheckOnInstall
RegSaveRestoreOnINF
RegisterOCX
TranslateInfStringEx
FileSaveMarkNotExist
DoInfInstall
RegRestoreAll
FileSaveRestoreOnINF
DelNodeRunDLL32
RegSaveRestore
NeedReboot
OpenINFEngine
LaunchINFSectionEx
GetVersionFromFile
RegInstall
AddDelBackupEntry
DelNode
IsNTAdmin
ExtractFiles
UserInstStubWrapper
LaunchINFSection
ExecuteCab
RunSetupCommand
CloseINFEngine

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20f8be1c8cf7e32a1fe932ee0f3913f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

cryptui

user32

advpack

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 905B

.rsrc Size: 2KB - Virtual size: 40KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 905B

.rsrc
Size: 2KB - Virtual size: 40KB