adf203985c70f3b08961f5976f10f21f

Sharing

Copy URL Twitter E-mail

General

Target

adf203985c70f3b08961f5976f10f21f
Size

164KB
MD5

adf203985c70f3b08961f5976f10f21f
SHA1

3880a79361ebc998965dbad4ea92002668ccaee7
SHA256

90d10fbc1c6ff3f335881ec8b31fd8630434a0c666db6c11da064476fc166c3e
SHA512

6f1a7a395f842929d38a0deaebdc0f52a2908b5e71d38d54fd8ae13922e96f487ad8aba3887496378e1001d60f81fcffd406d3ecfec15cdb43b1d6d2ebcfb696
SSDEEP

768:mo8J+Hv9z0eP+LH8vWu8kLxe+2ot3SFK8JhYfi7vy7GWH3v8noW4ZXT:k+HVzFyzuDLxx2y8JhY6DjWXqo5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adf203985c70f3b08961f5976f10f21f

Files

adf203985c70f3b08961f5976f10f21f
.exe windows:4 windows x86 arch:x86

9a268b3d0b474e44c969d4ea3e3d4508

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SetStdHandle
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
SetConsoleCtrlHandler
GetCommandLineA
GetStringTypeA
RtlUnwind
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
LoadLibraryA
GetProcAddress
OpenProcess
GetStringTypeW
GlobalAddAtomA
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcess
VirtualAlloc
CloseHandle

user32

FindWindowA
KillTimer
PostQuitMessage
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
SetTimer
MessageBoxA
RegisterHotKey
SendMessageA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

GetStockObject

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a268b3d0b474e44c969d4ea3e3d4508

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB