b695b0328acbd345d777ab27fec3498a

Sharing

Copy URL Twitter E-mail

General

Target

b695b0328acbd345d777ab27fec3498a
Size

426KB
MD5

b695b0328acbd345d777ab27fec3498a
SHA1

1aac2ad0a29754f92f9a3035f05f695237399577
SHA256

4233c6b925b25b8b1592c7aea80dfd86e4ce0ca18021cf9e911359ca3b23cda4
SHA512

1771cad74459cbc1d31c4640502d0011f3998037f618ee3ccfbb87edcc107ede362d72b5629b51eecd90e5f9ae74fd9a503b5a1e4a7bd750122a84da8f50e662
SSDEEP

12288:Atprnuf+5Nxk683P11rxb3MVzeZ+b/HPKnEswkJ:Atp95Y661r+b/PKEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b695b0328acbd345d777ab27fec3498a

Files

b695b0328acbd345d777ab27fec3498a
.exe windows:4 windows x86 arch:x86

adbe7d3b8fb74ca0b0a42ae0b349f30a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetEnhMetaFileDescriptionW
SetPolyFillMode
CreatePen
gdiPlaySpoolStream
GetCharWidthFloatA
Chord
SetTextAlign
GetDCOrgEx
GetTextCharsetInfo
BeginPath
GetMapMode
EnumICMProfilesW
PolylineTo
GetCharABCWidthsA
GetClipRgn
SetMapMode
MaskBlt
SetRectRgn
GetEnhMetaFileDescriptionA
SetDeviceGammaRamp

shell32

SHFormatDrive
ShellHookProc
SHInvokePrinterCommandA
ExtractIconA
FreeIconList

kernel32

GetPrivateProfileSectionNamesA
DeleteCriticalSection
GetCommandLineA
VirtualAlloc
GetModuleFileNameW
GetSystemDefaultLangID
EnumDateFormatsA
WriteFile
SetConsoleCtrlHandler
FreeEnvironmentStringsW
lstrcatA
MultiByteToWideChar
TlsAlloc
HeapReAlloc
GetLastError
GetModuleHandleA
WaitNamedPipeW
FlushFileBuffers
ExitProcess
LeaveCriticalSection
TerminateProcess
GetLocalTime
GetSystemTimeAsFileTime
VirtualFree
GetCurrentThreadId
HeapDestroy
TlsFree
GetStartupInfoW
InterlockedExchange
GetModuleFileNameA
GetTickCount
HeapAlloc
GetCurrentThread
LoadLibraryA
FreeEnvironmentStringsA
GetProcAddress
GetVersion
SetHandleCount
GetEnvironmentStringsW
SetThreadIdealProcessor
TlsSetValue
lstrcpynA
GetUserDefaultLangID
GetCurrentProcess
VirtualQuery
GetFileType
SetLastError
EnterCriticalSection
UnhandledExceptionFilter
InitializeCriticalSection
HeapFree
SetComputerNameA
WritePrivateProfileSectionW
GetStdHandle
RtlUnwind
GetStartupInfoA
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
TlsGetValue
GetEnvironmentStrings
GetCommandLineW
IsBadWritePtr

wininet

GopherOpenFileA
GopherGetAttributeA
InternetShowSecurityInfoByURLA
FtpOpenFileW
InternetReadFileExA

advapi32

RegCreateKeyA
RegCreateKeyW
RegDeleteValueA
CryptSignHashW
RegOpenKeyW
CryptDuplicateHash
RegOpenKeyA
RegEnumKeyW
LookupPrivilegeNameA
CryptSetHashParam
RegSetValueExW
LookupAccountNameW
RegDeleteValueW
RegSetValueExA
CryptSetProviderW
ReportEventW
LookupPrivilegeDisplayNameA
CryptEnumProviderTypesW
RegQueryValueExA
CryptDeriveKey
LookupAccountSidA

user32

DefMDIChildProcW
GetClipboardData
GetMonitorInfoW
DlgDirListComboBoxA
GetUserObjectInformationW
CharPrevA
EnumDisplaySettingsA
CharLowerA
GetWindowTextA
CreateCaret
GetClipCursor
CallMsgFilter
PtInRect
UnregisterClassA
GetUserObjectInformationA
CharToOemW
DefFrameProcW
GetMenuItemRect
WaitForInputIdle
UnhookWinEvent
CountClipboardFormats
LoadMenuW
UnionRect

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adbe7d3b8fb74ca0b0a42ae0b349f30a

Headers

File Characteristics

Imports

gdi32

shell32

kernel32

wininet

advapi32

user32

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 5KB - Virtual size: 19KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 5KB - Virtual size: 19KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 8KB - Virtual size: 7KB