adec3128416bd743412a3e26c887c643413ad053d612a48486f5929e7ad0aca9

Sharing

Copy URL

Twitter E-mail

General

Target

adec3128416bd743412a3e26c887c643413ad053d612a48486f5929e7ad0aca9
Size

4.0MB
MD5

222107a3e37e1736bf3bee9c24e8fc35
SHA1

b149f79402b3911e607fe0a92b0eef24075fedc8
SHA256

adec3128416bd743412a3e26c887c643413ad053d612a48486f5929e7ad0aca9
SHA512

496822c79956197288b5de6454f348b8e2043172e85beb7d55a3b9dad4fd86dce976ec0bd7ffedfffb7bdebe4e30d4ce9c6047b024a4fde9a993a024f07430e1
SSDEEP

98304:0ZWqtFIlEl9lCw+hLx0px3SMRRWMbNiYltG:0ZPFIl+7CwuLx07iGpiYl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adec3128416bd743412a3e26c887c643413ad053d612a48486f5929e7ad0aca9

Files

adec3128416bd743412a3e26c887c643413ad053d612a48486f5929e7ad0aca9
.exe windows:6 windows x86 arch:x86

9ca646d74e4d6b143e24f528ee0318a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrRetToBufW

version

VerQueryValueW

user32

GetDC

psapi

GetProcessImageFileNameW

oleaut32

VariantInit

advapi32

FreeSid

msvcrt

_gcvt

rasapi32

RasEnumConnectionsW

winhttp

WinHttpOpen

sqlite3

sqlite3_free

wsock32

bind

gdi32

Pie

mpr

WNetGetConnectionW

winmm

timeGetTime

wininet

InternetOpenW

comdlg32

PrintDlgW

comctl32

ImageList_Add

shell32

SHGetMalloc

wjslib

WJSOpen

ole32

OleDraw

iphlpapi

GetIfEntry

ntdll

NtDeleteFile

powrprof

SetSuspendState

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

Size: 3.8MB - Virtual size: 15.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ca646d74e4d6b143e24f528ee0318a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

version

user32

psapi

oleaut32

advapi32

msvcrt

rasapi32

winhttp

sqlite3

wsock32

gdi32

mpr

winmm

wininet

comdlg32

comctl32

shell32

wjslib

ole32

iphlpapi

ntdll

powrprof

Exports

Exports

Sections

Size: 3.8MB - Virtual size: 15.9MB

Size: 6KB - Virtual size: 5KB

.rsrc Size: 182KB - Virtual size: 181KB

.rsrc
Size: 182KB - Virtual size: 181KB