19b4e54b89c3393ca212778cdfdec032

General

Target

19b4e54b89c3393ca212778cdfdec032
Size

8KB
MD5

19b4e54b89c3393ca212778cdfdec032
SHA1

935db3421431fe09f05b6a58c3a19b15d725d443
SHA256

08efaa4b04c47e4285c816e90a0cd61ad015db7b448739dbe1867320f3c55e72
SHA512

bbdac05b7e9540b2051def3b1b1ef2524d9eac0dfbd90663214975b768e42c5dc8332d4fddfa1a8f99efe9b6e4ae2101b9d8f26e953e1f807b0a471254448c4b
SSDEEP

192:EKt/iKPMY9myQMfb2U5tiK5KlmtX2Pl8997qhOLFhg5ELpbFqyt:Nt6KP1L7N5tXKEtX2Pl89tX9pBz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Trojan-Downloader.Win32.Agent.abzk

Files

19b4e54b89c3393ca212778cdfdec032
.zip
Trojan-Downloader.Win32.Agent.abzk
.exe windows:4 windows x86 arch:x86

4754d1fd7b32b6875ba5fd324d7e3d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CreateIoCompletionPort
CreateProcessW
EndUpdateResourceA
ExitProcess
FormatMessageW
GetCompressedFileSizeW
GetConsoleCP
GetConsoleScreenBufferInfo
GetCurrentThreadId
GetFileTime
GetLogicalDrives
GetModuleFileNameA
GetNumberFormatW
GetProfileStringW
HeapLock
MoveFileExW
OpenWaitableTimerA
OutputDebugStringW
PrepareTape
ReadConsoleOutputA
ReadFileEx
ReleaseMutex
SetCommConfig
SetProcessShutdownParameters
SwitchToThread
WaitForMultipleObjectsEx
WriteFileGather
lstrlen

advapi32

BackupEventLogW
BuildExplicitAccessWithNameA
BuildSecurityDescriptorA
CloseServiceHandle
ConvertSecurityDescriptorToAccessNamedA
CryptDecrypt
CryptDuplicateHash
CryptDuplicateKey
CryptGetKeyParam
CryptGetProvParam
CryptHashSessionKey
CryptReleaseContext
EnumDependentServicesA
GetFileSecurityA
GetOverlappedAccessResults
MakeSelfRelativeSD
ObjectPrivilegeAuditAlarmW
OpenBackupEventLogW
OpenThreadToken
ReadEventLogA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegQueryMultipleValuesW
RegisterServiceCtrlHandlerA

user32

AlignRects
ChangeMenuW
CreateIconFromResource
CreateWindowExW
EnumPropsExW
GetKeyboardLayoutNameA
GetMessageW
GetShellWindow
GetSubMenu
GetUserObjectInformationW
GetWindowContextHelpId
IMPSetIMEW
InvertRect
IsCharLowerA
IsZoomed
LoadIconA
ModifyMenuA
PostMessageW
RegisterClassA
SendIMEMessageExW
SetMenuItemBitmaps
SetMenuItemInfoA
SetMessageQueue
WINNLSEnableIME

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4754d1fd7b32b6875ba5fd324d7e3d83

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 9KB - Virtual size: 12KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 9KB - Virtual size: 12KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 12KB