abb9f534e39229f5e84b4bfea1955c9f

Sharing

Copy URL

Twitter E-mail

General

Target

abb9f534e39229f5e84b4bfea1955c9f
Size

301KB
MD5

abb9f534e39229f5e84b4bfea1955c9f
SHA1

6836fe414b9cb18d66d9de08399c2e33429b69fd
SHA256

d179cef116ccdbdafcd6e56d7b93cd5fa0b980d73e43544d8a01a7e4aed39c46
SHA512

1d8990b664ff2c162f6a875cdfde2ef33832d4904e87fbef76db9a99d0e6562eb7b16cc49ca694d912f39e8001d8c8b088adc5416b639b512da2975a72953536
SSDEEP

3072:hQaqh0/Stf+9dAishTf4p89WN6Tvbx6lb2vmyVZwinNUObchH/KSsbCxVdLtikt8:hQabT9aTY89vFmb2vmGZvNickt5pAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abb9f534e39229f5e84b4bfea1955c9f

Files

abb9f534e39229f5e84b4bfea1955c9f
.exe windows:4 windows x86 arch:x86

ad764df29b9db688ceea77ad8d979574

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\develop\global\Release\bin\acad\WSCommCntr.pdb

Imports

kernel32

GetModuleFileNameW
LocalAlloc
FormatMessageW
CreateDirectoryW
GetFileAttributesW
CloseHandle
OpenProcess
DeleteFileW
LocalFree
WaitForSingleObject
SetEvent
CancelWaitableTimer
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerW
CreateThread
LeaveCriticalSection
RaiseException
GetLastError
Sleep
GetModuleHandleW
GetCurrentThreadId
GetCommandLineW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
CreateEventW
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetLocaleInfoA
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
GetDateFormatA
GetTimeFormatA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
HeapSize
ExitProcess
VirtualFree
SetFilePointer
GetVersionExA
HeapFree
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetProcessHeap
GetStartupInfoW
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate

user32

CharUpperBuffW
TranslateMessage
DispatchMessageW
SetTimer
PostThreadMessageW
CharNextW
CharUpperW
GetMessageW
UnregisterClassA

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW

shell32

SHGetFolderPathW

ole32

CLSIDFromString
CoUninitialize
CoInitializeEx
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoInitialize
CoCreateInstance

oleaut32

RegisterTypeLi
UnRegisterTypeLi
VariantChangeType
VarBstrCat
SysAllocStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayDestroy
VariantCopy
VariantClear
SafeArrayCopy
VariantInit
VarBstrCmp
SafeArrayUnlock
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetUBound
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SafeArrayLock

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad764df29b9db688ceea77ad8d979574

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 92KB - Virtual size: 92KB