adfa398416566a943650ad60b331cb28

Sharing

Copy URL Twitter E-mail

General

Target

adfa398416566a943650ad60b331cb28
Size

251KB
MD5

adfa398416566a943650ad60b331cb28
SHA1

179d23a5b0cee913e6d3b477ccf1162c6ab0d455
SHA256

cab13e374de813c78aff550dae98e5f98f4578420a09b04997c0d9cc24a806a9
SHA512

5e5d3c88013b4fa8cb134a7ea513795fe2a30fb16f950ee7fae4b8feaa1099a975134e9f147ab7f4381bd1362611c81ea907d49496e6ddc0d349efb8e68d68bd
SSDEEP

6144:CV5EweB/OhxFTC5DLs8P0VZ+1wUk02A5haYWhSKkKOuzU5+VcMbQW7xQ:45Ewes5C5DLstm1fkvA5h4SI7UH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adfa398416566a943650ad60b331cb28

Files

adfa398416566a943650ad60b331cb28
.exe windows:4 windows x86 arch:x86

2b261fdd2e0aa17a16665864cfdc959c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuStringA
IsCharLowerA
BroadcastSystemMessageW
DdePostAdvise
DrawTextA
MapVirtualKeyExW
AppendMenuA
MsgWaitForMultipleObjects
SetClassWord
GetWindowPlacement
GetWindow
SetScrollRange
GetPriorityClipboardFormat
SetCursor

advapi32

ReportEventW
RegQueryInfoKeyW
CryptDestroyHash
RegDeleteValueW
CryptGetDefaultProviderW
CryptGenRandom
CryptSetKeyParam
CreateServiceA
RegQueryValueExA
LookupAccountNameA
RegSaveKeyA
RegDeleteKeyA
LookupAccountNameW
RegDeleteKeyW
CryptSetProviderExW
RegEnumValueW
CryptGetKeyParam
LogonUserW
RegQueryMultipleValuesA
RegConnectRegistryW
CryptDecrypt
CryptGetUserKey

gdi32

TranslateCharsetInfo
UpdateICMRegKeyA
ExtCreateRegion
PatBlt
ChoosePixelFormat
SetPixelV
ExtTextOutA
GetDeviceCaps
Chord
SetICMProfileW
SetMetaFileBitsEx
GetKerningPairsA
PolyTextOutA
GetStretchBltMode
DeleteDC
CreateFontW
SelectPalette
CreatePalette
GetTextExtentPoint32A
SetMetaRgn
EnumEnhMetaFile

shell32

SHInvokePrinterCommandA
DragQueryFile

kernel32

TlsAlloc
CompareStringW
GetVersionExA
SetLastError
EnumSystemLocalesA
TlsFree
MultiByteToWideChar
GetModuleHandleA
GetCurrentThreadId
GetStringTypeA
GetCurrentProcessId
FreeEnvironmentStringsW
SetHandleCount
WideCharToMultiByte
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
GetProcAddress
GetStartupInfoW
GetCurrentProcess
IsBadWritePtr
HeapCreate
VirtualFree
EnterCriticalSection
GetModuleFileNameW
SetEnvironmentVariableA
GetLastError
LCMapStringA
TerminateProcess
IsValidCodePage
CompareStringA
TlsSetValue
GetSystemTimeAsFileTime
TlsGetValue
GetTickCount
GetLocaleInfoW
GetUserDefaultLCID
DeleteCriticalSection
GetCommandLineW
GetCurrentThread
LCMapStringW
GetACP
HeapReAlloc
WriteFile
GetTimeZoneInformation
GetTimeFormatA
GetStartupInfoA
VirtualProtect
FreeEnvironmentStringsA
GetEnvironmentStrings
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemInfo
GetStringTypeW
GetLocaleInfoA
GetComputerNameA
InitializeCriticalSection
HeapSize
GetStdHandle
GetCommandLineA
GetCurrencyFormatA
GetFileType
ExitProcess
IsValidLocale
LeaveCriticalSection
VirtualQuery
HeapAlloc
GetDateFormatA
VirtualAlloc
InterlockedExchange
HeapFree
HeapDestroy
GetShortPathNameA
SuspendThread
GetModuleFileNameA
RtlUnwind

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b261fdd2e0aa17a16665864cfdc959c

Headers

File Characteristics

Imports

user32

advapi32

gdi32

shell32

kernel32

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 14KB - Virtual size: 14KB