adffa7a7fcb0a3b04c664c93f661708e

Sharing

Copy URL Twitter E-mail

General

Target

adffa7a7fcb0a3b04c664c93f661708e
Size

180KB
MD5

adffa7a7fcb0a3b04c664c93f661708e
SHA1

22981256537e3fc09d342301f7ab8ec06dde743f
SHA256

38109c076c11e9a09361646dd845c995d5e07851dc3b7c62de2fbd0601992e57
SHA512

1d3b6484e400a87b3e1b89f53ed658a7ebf1aace374d2662cc76fee0f91b0ea01564fcb8b045e7b839af003a8b298b0b322c51110b02e7fa71538258e6c4e91c
SSDEEP

3072:2M3D4UwmRiAW8ok8lpioYd+QnO8CbElqjnmfpmywbaHGPkbMxkPRlou6aJ6O9M:FTcmz8vio+rQgqjmxmbaHmkoeQuX8T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adffa7a7fcb0a3b04c664c93f661708e

Files

adffa7a7fcb0a3b04c664c93f661708e
.exe windows:4 windows x86 arch:x86

51404fda98e8cf63125a046512fbbd14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
OleUninitialize
CoUninitialize
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoRetireServer
OleFlushClipboard
CoRevokeClassObject
CoTaskMemAlloc
CoInitialize
OleInitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoTaskMemFree
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromProgID
CLSIDFromString

advapi32

RegQueryInfoKeyW
RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW

kernel32

ConvertDefaultLocale
GetLocaleInfoW
GetCalendarInfoW
GetCurrentDirectoryW
GetModuleFileNameW
RemoveDirectoryW
GetSystemDefaultLangID
MoveFileW
WriteFile
CreateFileW
FindFirstFileW
WideCharToMultiByte
SetFilePointer
CreateDirectoryW
MultiByteToWideChar
DeleteFileW
ReadFile
EnumResourceNamesA
GetFileAttributesW
FindClose
ExitProcess
GetCurrentProcessId
GetVersion
LoadLibraryW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
InterlockedDecrement
lstrcpyW
EnumResourceLanguagesW
FindNextFileW
GetProcAddress

shlwapi

PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathAppendW

user32

CharUpperW
SendDlgItemMessageA
InvalidateRect
GetNextDlgTabItem
RegisterWindowMessageW
GetNextDlgGroupItem
GetClassLongW
WinHelpW
InvalidateRgn
SetPropW
RemovePropW
CopyAcceleratorTableW
GetPropW
CharNextW
SetRect
MessageBeep
IsRectEmpty
GetClassInfoExW
CreateWindowExW
DestroyMenu

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

SelectObject
ScaleWindowExtEx
GetDeviceCaps
SetViewportOrgEx
Escape
TextOutW
GetStockObject
GetTextColor
DeleteDC
OffsetViewportOrgEx
ScaleViewportExtEx
RectVisible
GetMapMode
ExtSelectClipRgn
PtVisible
GetBkColor
SetWindowExtEx
ExtTextOutW
GetRgnBox

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51404fda98e8cf63125a046512fbbd14

Headers

File Characteristics

Imports

oleacc

ole32

advapi32

kernel32

shlwapi

user32

shell32

gdi32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 69KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 69KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 244KB