ab3ad66b974827a4c413e7e0052ed00b

Sharing

Copy URL

Twitter E-mail

General

Target

ab3ad66b974827a4c413e7e0052ed00b
Size

173KB
MD5

ab3ad66b974827a4c413e7e0052ed00b
SHA1

3b78a56b113b7b24fcbf8c0268c678610919f34b
SHA256

bc48242bb64b374836a40e210f5910cb5eea98c819c5b2b7252457978752cb30
SHA512

a46475ff42c372870de0686fbcb2a31ad1cdb218749175611c3db39364f55c012f0ec4c4a1b8a2307984af82996b89e50cf7b1305e4bc60b0c3552ad6dcea2be
SSDEEP

3072:nNl915Gffjkjyz2pCK+bqirahR+2AoL/0RgB7sSk4cgZmtiB0:NlD5KjkjyipfW5rahQ2AO/0RgBoSxcgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab3ad66b974827a4c413e7e0052ed00b

Files

ab3ad66b974827a4c413e7e0052ed00b
.exe windows:4 windows x86 arch:x86

21c16bf4b8759f881e70d6e3346b5e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

kernel32

GetLongPathNameW
WideCharToMultiByte
SetFilePointer
GlobalSize
GetFileSize
GlobalFree
LocalFree
CreateFileMappingA
GetProcessHandleCount
MapViewOfFile
LocalAlloc
EnumResourceTypesA
DisableThreadLibraryCalls
CreateFileA
WriteFile
GetFileAttributesA
GetTickCount
ReadFile
GlobalAlloc
Sleep
UnmapViewOfFile
CreateFileW
CloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoSetProxyBlanket
BindMoniker
CoUninitialize
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
StgCreateDocfile
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID
CoInitialize
CreateBindCtx
StringFromGUID2
CoTaskMemAlloc
StgOpenStorage
OleLockRunning
CoInitializeSecurity
CreateItemMoniker
GetRunningObjectTable
CoTaskMemRealloc
StgIsStorageFile
CoGetClassObject
CLSIDFromString

user32

DispatchMessageA
InvalidateRect
ReleaseDC
UnregisterClassA
GetClassInfoExA
DrawTextA
GetActiveWindow
GetFocus
PostMessageA
DefWindowProcA
GetDesktopWindow
GetSysColor
SetWindowLongA
GetWindowTextLengthA
CopyRect
FillRect
SetFocus
SetCapture
RegisterClassExA
GetClientRect
GetWindow
KillTimer
CreateAcceleratorTableA
ReleaseCapture
IsChild
GetDlgItem
CallWindowProcA
LoadCursorA
GetDC
SendMessageTimeoutA
SendMessageA
CharNextA
SetWindowTextA
InvalidateRgn
RedrawWindow
MoveWindow
SetRect
PeekMessageA
CreateDialogParamA
EnumDisplayDevicesA
DestroyAcceleratorTable
FindWindowA
GetParent
wvsprintfA
EndPaint
GetWindowLongA
SetParent
SetTimer
EqualRect
GetWindowTextA
GetClassNameA
RegisterWindowMessageA
IsWindow
MsgWaitForMultipleObjects
CreateWindowExA
PostThreadMessageA
ShowWindow
DestroyWindow
GetWindowRect
GetQueueStatus
BeginPaint
wsprintfA
SendNotifyMessageA
SetWindowPos

advapi32

RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
CryptHashData
RegQueryInfoKeyA
RegSetValueExA
CryptReleaseContext
CryptDestroyKey
RegEnumKeyExA
CryptImportKey
CryptCreateHash
CryptEncrypt
RegCloseKey
RegEnumValueA
RegCreateKeyExA
CryptAcquireContextA
CryptDestroyHash
RegOpenKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

gdi32

SetStretchBltMode
CreateCompatibleDC
CreateDIBSection
CreateSolidBrush
DeleteDC
ExtEscape
CreateCompatibleBitmap
GetDIBits
GetDeviceCaps
CreateFontA
GetObjectA
RealizePalette
DeleteObject
BitBlt
SelectObject
SelectPalette
CreateDIBitmap
GetStockObject
StretchDIBits
SetBkMode

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c16bf4b8759f881e70d6e3346b5e9c

Headers

File Characteristics

Imports

shlwapi

kernel32

setupapi

ole32

user32

advapi32

shell32

wininet

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 88KB