adbb5f447cebcde94a842d4b809ce100

Sharing

Copy URL

Twitter E-mail

General

Target

adbb5f447cebcde94a842d4b809ce100
Size

1017KB
MD5

adbb5f447cebcde94a842d4b809ce100
SHA1

3e163f71201938873249856663396f2b50c9e8e1
SHA256

2ad34c69a901497186d18dcda7f86163377a07a9352c2d6a62afad934c55be98
SHA512

3ac02f96bb85557bceee02f3bbd15983c2a8ae5d5639b43e70416ed6afe25d1d9aea93dd4938ec8be8ad8c954d1f94c02ee4d5f9cbaefddd9f4962f5a0ea33b9
SSDEEP

12288:2RH7d2wZGmqV6zY2fFBfU4z7xib+AJzKFXRZb7iwCtja9SQYf6ffsg6YDN0xE:29B2w3qVqY2jffvLYGb0hmSQE6ff16ih

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adbb5f447cebcde94a842d4b809ce100

Files

adbb5f447cebcde94a842d4b809ce100
.dll windows:4 windows x86 arch:x86

d6ddd448f5c304052f14791a521d1bb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32 kernel32

GetLastError Ա

kernel32

GetLastError
VirtualFree
VirtualQuery
VirtualAlloc
SetLastError
GetFileSize
GetModuleFileNameA
OpenFileMappingA
lstrlenA
LoadLibraryA
VirtualProtectEx
VirtualProtect
OpenProcess
TerminateProcess
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
CreateFileA
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
Sleep
lstrcpyA
CreateToolhelp32Snapshot
Thread32First
Thread32Next
DeleteFileA
GetComputerNameA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
ExitProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapReAlloc
HeapSize
TlsAlloc
TlsFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
MultiByteToWideChar

user32

PostMessageA
wsprintfA
AttachThreadInput
UpdateWindow
GetWindowThreadProcessId
EndDialog
MoveWindow
ShowWindow
GetDesktopWindow
DialogBoxParamA
UnregisterHotKey
RegisterHotKey
SetTimer
KillTimer

msvcrt

_access
_strlwr
fputwc
ungetwc
fgetwc
isdigit
isalpha
rename

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Exports

Exports

A
A1
A2
A3
AA
AX
CRS

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 445KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6ddd448f5c304052f14791a521d1bb5

Headers

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

msvcrt

iphlpapi

shell32

Exports

Exports

Sections

.text Size: 552KB - Virtual size: 552KB

Size: 15KB - Virtual size: 20KB

Size: 445KB - Virtual size: 448KB

Size: 512B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

.text
Size: 552KB - Virtual size: 552KB