ad1a45770acf08857f3465c5a7df4a5c

Sharing

Copy URL

Twitter E-mail

General

Target

ad1a45770acf08857f3465c5a7df4a5c
Size

1.2MB
MD5

ad1a45770acf08857f3465c5a7df4a5c
SHA1

883000b75fe4a1c0d2de3ed72e82a20c1460e5f8
SHA256

7b9b0746de2d429c306280b530caa796fa4731f001b5c0feee6bbe299b736693
SHA512

fd3fca1ce6b5e6ef2f2011e6095ba908522a826420aebd26fbc3d7492facaf23c3e2bd1239fb853a7f5a90027e3729984cdb47b1179ef1b10fc6002cdc54bcf5
SSDEEP

24576:Dx8OZVMs0gcl5ThPw70mgZ7mWFIBrH80aKfQSMtK+:9840g0F5w7hgRmWFIZcd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad1a45770acf08857f3465c5a7df4a5c

Files

ad1a45770acf08857f3465c5a7df4a5c
.exe windows:6 windows x86 arch:x86

5cbb5aafcc3b91bdf370af89e705382c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FileTimeToSystemTime
SetFilePointer
SetFilePointerEx
FreeEnvironmentStringsA
VirtualFree
InterlockedFlushSList
GetEnvironmentStringsA
CompareStringA
DeleteFileA
GetStringTypeA
lstrcmpiA
InterlockedCompareExchange
InterlockedIncrement
GetFileAttributesA
InterlockedPopEntrySList
WaitNamedPipeA
GetEnvironmentVariableA
WriteFile
ReadFileEx
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetSystemTime
GetNamedPipeHandleStateA
ExpandEnvironmentStringsA
GetSystemTimes
SetFirmwareEnvironmentVariableA
lstrcmpA
WriteFileEx
TransactNamedPipe
DosDateTimeToFileTime
InterlockedExchangeAdd
HeapSize
CloseHandle
SetNamedPipeHandleState
GetStringTypeExA
ConnectNamedPipe
InterlockedPushEntrySList
HeapAlloc
ReadFile
PeekNamedPipe
CreateFileA
SystemTimeToFileTime
lstrcpynA
FileTimeToLocalFileTime
WriteFileGather
GetFileTime
GetProcessHeaps
GetFileAttributesExA
GetProcessHeap
InterlockedDecrement
VirtualAlloc
CallNamedPipeA

user32

DestroyMenu
OpenClipboard
SendMessageA
GetDlgItem
LoadAcceleratorsA
CheckMenuRadioItem
EndDialog
GetWindowTextA
ChildWindowFromPoint
GetMenu
IsChild
GetWindowLongA
TranslateAcceleratorA
GetMessageA
DrawTextA
SetWindowPos
IsDialogMessageA
GetClientRect
GetDesktopWindow
EnableWindow
MessageBoxA
InvalidateRect
WinHelpA
OffsetRect
SetWindowLongA
LoadStringA
GetDlgCtrlID
GetWindowRect
DefWindowProcA
TranslateMessage
CreateWindowExA
ShowWindow
LoadMenuA
DialogBoxParamA
SetCursor
SetDlgItemTextA
BeginPaint
EnableMenuItem
CharNextA
GetSubMenu
CallWindowProcA
UpdateWindow
LoadCursorA
RegisterClassExA
CheckDlgButton
GetSysColor
CreateDialogParamA
SetDlgItemInt
MapWindowPoints
GetProcessDefaultLayout
SetMenu
TrackPopupMenuEx
DestroyWindow
GetSysColorBrush
CheckMenuItem
CloseClipboard
ScreenToClient
DispatchMessageA
SetWindowTextA
MessageBeep
GetClipboardData

advpack

OpenINFEngine
ExtractFiles
GetVersionFromFile
RegSaveRestoreOnINF
DoInfInstall
GetVersionFromFileEx
SetPerUserSecValues
DelNode
TranslateInfString
FileSaveMarkNotExist
AddDelBackupEntry
IsNTAdmin
RunSetupCommand
UserUnInstStubWrapper
RegRestoreAll
LaunchINFSection
CloseINFEngine
LaunchINFSectionEx
NeedReboot
FileSaveRestore
RegSaveRestore
UserInstStubWrapper
ExecuteCab
AdvInstallFile
DelNodeRunDLL32

cryptui

I_CryptUIProtect
CryptUIWizSubmitCertRequestNoDS
CryptUIWizCreateCertRequestNoDS
CryptUIDlgViewCertificatePropertiesA
CryptUIDlgViewSignerInfoA
ACUIProviderInvokeUI
CryptUIDlgFreeCAContext
CryptUIDlgViewCertificateA
DllUnregisterServer
EnrollmentCOMObjectFactory_getInstance
CryptUIFreeCertificatePropertiesPagesA
CryptUIDlgViewCTLA
WizardFree
CryptUIWizFreeDigitalSignContext
CryptUIWizBuildCTL
I_CryptUIProtectFailure
CryptUIDlgSelectCertificateA
LocalEnroll
CryptUIDlgSelectCA
LocalEnrollNoDS
CryptUIWizFreeCertRequestNoDS
CryptUIDlgSelectStoreA
CryptUIDlgViewContext
CryptUIFreeViewSignaturesPagesA
CryptUIGetCertificatePropertiesPagesA
CryptUIDlgViewCRLA
CryptUIDlgCertMgr
RetrievePKCS7FromCA
CryptUIWizDigitalSign
CryptUIWizQueryCertRequestNoDS
CryptUIWizImport
CryptUIGetViewSignaturesPagesA
CryptUIWizCertRequest
CryptUIWizExport

Sections

.text
Size: 991KB - Virtual size: 991KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cbb5aafcc3b91bdf370af89e705382c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advpack

cryptui

Sections

.text Size: 991KB - Virtual size: 991KB

.data Size: 49KB - Virtual size: 49KB

.rsrc Size: 142KB - Virtual size: 3.2MB

.text
Size: 991KB - Virtual size: 991KB

.data
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 142KB - Virtual size: 3.2MB