ade5048d052ba91ee54ccca7755e7093

Sharing

Copy URL Twitter E-mail

General

Target

ade5048d052ba91ee54ccca7755e7093
Size

616KB
MD5

ade5048d052ba91ee54ccca7755e7093
SHA1

46e2b48e974f997dbc409592378185267a64b1e9
SHA256

e979d13c7a2adf334632e973f100cf1f330858d131e2f5496c6129b3535e1a77
SHA512

913959d7cf9bfdacfcbee1db147ea96ec0f0c49787b740d697d6ac020fb363ab1628d65e24e4a1e5e9d46c65df371d0a4ddd127c469fce048ce2da9dac6e3f60
SSDEEP

12288:oqsqr9x7XuqdNnpJ4hs5Hkun7zkQEaoxm5zCMhEaOaXn9qwkAEAN5m6QSqtne6y6:fsqrzuGnpJ4hsBkunXBtoU5eTCn9qwdj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ade5048d052ba91ee54ccca7755e7093

Files

ade5048d052ba91ee54ccca7755e7093
.exe windows:4 windows x86 arch:x86

4a0acfbe7de6db8bdcac9e9c0bc84912

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
SetStdHandle
GetCurrentThread
TlsSetValue
FindFirstFileExA
GlobalAddAtomA
InterlockedIncrement
GetSystemDirectoryW
GetProcessHeap
OpenMutexA
FileTimeToDosDateTime
GlobalUnlock
SetFilePointer
GetSystemTimeAsFileTime
CreateFileMappingA
VirtualQuery
SetVolumeLabelW
GetCompressedFileSizeA
GetEnvironmentStrings
EnumSystemLocalesA
GetSystemInfo
MultiByteToWideChar
GetFileType
GetOEMCP
GetCommandLineA
LoadModule
GetThreadLocale
GetACP
GetCurrentProcessId
CreateToolhelp32Snapshot
FillConsoleOutputCharacterA
HeapSize
GetLocaleInfoW
FreeEnvironmentStringsW
FillConsoleOutputCharacterW
GetLogicalDriveStringsA
IsBadWritePtr
SetHandleCount
IsValidLocale
ResetEvent
GetCurrentThreadId
GetCurrencyFormatW
GetTimeZoneInformation
ReadFile
VirtualQueryEx
GetStartupInfoA
GetNumberFormatW
IsValidCodePage
EnterCriticalSection
CreateDirectoryExW
GetConsoleTitleA
DeleteCriticalSection
EnumDateFormatsExW
CloseHandle
GetEnvironmentStringsW
GlobalGetAtomNameA
HeapDestroy
GetDiskFreeSpaceA
HeapReAlloc
HeapAlloc
SetVolumeLabelA
SetThreadIdealProcessor
LoadLibraryA
GetCPInfo
GetStdHandle
DeleteFileW
SetConsoleCtrlHandler
GetProfileStringA
EnumResourceLanguagesA
GetTickCount
GetLocaleInfoA
TerminateProcess
TlsFree
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringA
GetStringTypeExW
ExitProcess
LocalFlags
EnumSystemLocalesW
GetDateFormatA
SetLastError
LeaveCriticalSection
GlobalFree
VirtualFree
GetProfileStringW
CreateProcessA
GetThreadPriority
CompareStringW
FreeEnvironmentStringsA
UnlockFileEx
InterlockedExchange
CompareStringA
SetEnvironmentVariableA
UnlockFile
GetPrivateProfileStructA
VirtualProtect
OpenWaitableTimerA
FlushFileBuffers
GetTimeFormatA
CreateMutexA
WideCharToMultiByte
WriteFile
WaitForSingleObjectEx
GetProcAddress
TlsAlloc
GetModuleFileNameW
InitializeCriticalSection
GetLastError
GetModuleHandleA
TlsGetValue
RtlUnwind
LCMapStringW
GetCalendarInfoA
VirtualAlloc
GetVersionExA
QueryPerformanceCounter
InterlockedCompareExchange
GetCurrentProcess
GetStringTypeW
HeapCreate
CreateNamedPipeA
GetThreadSelectorEntry
GetStringTypeA
HeapFree
GetProfileIntW
GetAtomNameA
GetShortPathNameW
GetUserDefaultLCID
WaitNamedPipeW
SetEnvironmentVariableW

comctl32

DrawStatusTextW
CreateToolbar
DrawStatusText
ImageList_DragLeave
ImageList_SetFilter
ImageList_SetFlags
InitCommonControlsEx
CreateUpDownControl
ImageList_Write
ImageList_EndDrag
ImageList_DragEnter
CreateStatusWindow
ImageList_Copy
ImageList_Destroy

user32

ImpersonateDdeClientWindow
GetMessageA
IsDialogMessageA
InSendMessage
LoadStringA
VkKeyScanExW
EnumDisplayDevicesW
DdeCreateDataHandle
DrawIcon
PeekMessageA
SetClassWord
WindowFromPoint
DdeReconnect
BroadcastSystemMessageA
RealGetWindowClass
RegisterClassExA
CharLowerBuffA
CreateCaret
RegisterClassA
IsMenu
CopyIcon
DialogBoxParamW
GetDlgItemTextA
SetWindowTextW
MessageBoxW
IsWindowEnabled
SetWinEventHook
RegisterWindowMessageW
CharNextA
ReplyMessage
UpdateWindow
SetMessageQueue
BlockInput
SendDlgItemMessageW
ScrollDC
AnyPopup
GetAltTabInfo

wininet

ShowClientAuthCerts
InternetCrackUrlA
InternetShowSecurityInfoByURL
SetUrlCacheEntryGroup
RegisterUrlCacheNotification
InternetGetCertByURLA
HttpCheckDavCompliance
SetUrlCacheGroupAttributeA

gdi32

EnumEnhMetaFile
GetDIBits
PolyDraw
WidenPath
GetDIBColorTable
SaveDC
GetCharacterPlacementW
EnumFontsA
ResizePalette
GetTextColor
GetMetaRgn
SetLayout
GetRandomRgn
EnumFontFamiliesW
gdiPlaySpoolStream
AngleArc
UpdateColors
ExtFloodFill
SetPixel
Chord
Ellipse

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a0acfbe7de6db8bdcac9e9c0bc84912

Headers

File Characteristics

Imports

kernel32

comctl32

user32

wininet

gdi32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 112KB - Virtual size: 136KB

.rsrc Size: 64KB - Virtual size: 62KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 112KB - Virtual size: 136KB

.rsrc
Size: 64KB - Virtual size: 62KB