2adc36f6b91f6026febc95cdfe9eb683

Sharing

Copy URL Twitter E-mail

General

Target

2adc36f6b91f6026febc95cdfe9eb683
Size

403KB
MD5

2adc36f6b91f6026febc95cdfe9eb683
SHA1

e92ffcfeae4d94db756cf77f00c9474d2df04c5b
SHA256

93728718ecf981c49dd57920bf9c9d5a4c7c2519e2e9db3c5882259a62857a1b
SHA512

25e688b92543d1f2c712287b35ef3c94559a6282f789c46c751a291672b901510a9fedbea60b8e53ee1932e8a1efcac4e0a15b5abbd13450fcc3276d5bc4c606
SSDEEP

6144:MCXSZXgBhyc4K0/rpvyuNtnKSKM4d2dwZJiXS1KihfGdQnqsMydTOYTsfOt0+rdN:34/5ppKdSKf0iNAofyPYTLAfNI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2adc36f6b91f6026febc95cdfe9eb683

Files

2adc36f6b91f6026febc95cdfe9eb683
.exe windows:4 windows x86 arch:x86

945589793140835eb5ca335e9c7c5996

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowInfo
SetTimer
LoadIconW

shell32

DragQueryFile
ShellExecuteW
SheGetDirA
FindExecutableA
ShellHookProc
ExtractAssociatedIconW
SHBrowseForFolderA
ExtractAssociatedIconExW
SHAddToRecentDocs
InternalExtractIconListW
ShellExecuteExW
InternalExtractIconListA
ExtractIconA
SheChangeDirExW

advapi32

RegRestoreKeyA
CryptSetProviderA
RegEnumValueA
RegDeleteValueA
CryptEnumProviderTypesW
CryptDestroyKey
InitiateSystemShutdownA
AbortSystemShutdownW
RegReplaceKeyW
RegFlushKey
RegCreateKeyA
RevertToSelf
CreateServiceA
DuplicateToken
LogonUserA
CryptSignHashW
CryptSetKeyParam
CryptGetDefaultProviderW

gdi32

gdiPlaySpoolStream
GetWindowExtEx
ModifyWorldTransform
SetDIBColorTable
Chord
CreateMetaFileW
GetCharacterPlacementA
SetBitmapDimensionEx
GetNearestPaletteIndex
CreateRectRgn
GetPaletteEntries
PathToRegion
AbortPath
GetSystemPaletteUse
GetWindowOrgEx
GetViewportOrgEx
InvertRgn
EnumFontFamiliesExA

kernel32

GetFileType
RemoveDirectoryA
InitializeCriticalSection
VirtualAlloc
IsBadWritePtr
InterlockedExchange
LeaveCriticalSection
GetModuleFileNameA
GetCurrentThreadId
FindClose
GetVersion
HeapDestroy
GetProcAddress
TerminateProcess
DeleteCriticalSection
LocalFlags
GetOEMCP
GetCPInfo
SetLastError
GetStdHandle
HeapCreate
LCMapStringA
HeapAlloc
GetTimeZoneInformation
GetNumberFormatW
GetStringTypeW
TlsGetValue
RtlUnwind
FreeEnvironmentStringsA
WriteFile
MultiByteToWideChar
TransmitCommChar
ReadConsoleW
UnhandledExceptionFilter
HeapReAlloc
GetStringTypeA
GetStartupInfoA
LCMapStringW
FreeEnvironmentStringsW
GetCurrentProcessId
VirtualFree
TlsFree
GetEnvironmentStringsW
GetCurrentProcess
GetSystemTimeAsFileTime
GetEnvironmentStrings
SetHandleCount
HeapFree
GetTickCount
GetCurrentThread
GetACP
GlobalFree
GetLastError
EnumDateFormatsW
ExitProcess
EnterCriticalSection
TlsAlloc
VirtualQuery
CreateFileMappingW
DosDateTimeToFileTime
QueryPerformanceCounter
GetModuleHandleA
TlsSetValue
WriteConsoleA
GetCommandLineA
WideCharToMultiByte
LoadLibraryA

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

945589793140835eb5ca335e9c7c5996

Headers

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 268KB - Virtual size: 294KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 268KB - Virtual size: 294KB

.rsrc
Size: 11KB - Virtual size: 10KB