ad1587947cb63c2cbc18e4bf82b7613b

General

Target

ad1587947cb63c2cbc18e4bf82b7613b
Size

120KB
MD5

ad1587947cb63c2cbc18e4bf82b7613b
SHA1

eb01a0d28e9ad7c55802c8e23276d1c08f5bd52c
SHA256

88a2fdc11ecc65e48da04082145f71a1029253423769387af496bc0670734ece
SHA512

e0848ff3d933be64b13035ae3a03aece9532bc361271a4399ba914843aae98a79d54e83bb5269346e9fb9a511351c84a9cccb75976c54e7e3e1ab844552ed38f
SSDEEP

3072:u3O/bWtF+/dbPkW+Qno3w2LivfBEJsRE:n/KToPdjnkLinCJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad1587947cb63c2cbc18e4bf82b7613b

Files

ad1587947cb63c2cbc18e4bf82b7613b
.exe windows:4 windows x86 arch:x86

85baa9ea7b765d7986c8ea918ccfa480

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Jom\Evuh\idapila\Ymesyz.pdb

Imports

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
OleInitialize
OleSetContainedObject

version

VerQueryValueW

uxtheme

GetThemeFont
GetThemeTextExtent
OpenThemeData
CloseThemeData

setupapi

SetupFindFirstLineW
SetupGetLineTextW
SetupFindNextLine
SetupCloseInfFile

kernel32

HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
HeapSize
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
GetLastError
GetVolumeInformationW
InitializeCriticalSection
EnterCriticalSection
WriteConsoleW
CloseHandle
OpenMutexW
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
GetStartupInfoW
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 637KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85baa9ea7b765d7986c8ea918ccfa480

Headers

File Characteristics

PDB Paths

Imports

ole32

version

uxtheme

setupapi

kernel32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 64KB - Virtual size: 637KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 64KB - Virtual size: 637KB