AdobeUpdate
Static task
static1
General
Target: 94b8a01ad4b53d202984afb6781d7f88cb5cd329349791516e985ea88e08ad66
Size: 332KB
MD5: c74392c6610f1be113872d6f8571e287
SHA1: 8e61a789c776631756c22c4675ebfebc7969d517
SHA256: 94b8a01ad4b53d202984afb6781d7f88cb5cd329349791516e985ea88e08ad66
SHA512: 50109c1b46f3c00d33197c4ed0586fc0c1c14a83f0a3fdb8f0f442145950d6cf1c756296f8f60d575c274d6001a7159088e2d6d9f4f66eb1bf10c0768aa30cba
SSDEEP: 6144:eecIPVLJUI5sIK0qVC6F1ByOJeTc0dc2dt8eBloQcUCMe73Zs:UIPV+osIK0qVCM1QOJ88wloBLW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 94b8a01ad4b53d202984afb6781d7f88cb5cd329349791516e985ea88e08ad66
Files
94b8a01ad4b53d202984afb6781d7f88cb5cd329349791516e985ea88e08ad66.dll windows:6 windows x64 arch:x64
ef413bf44ab343d91d91ee8979255ab5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
lstrlenA
lstrlenW
LoadLibraryW
GetModuleFileNameW
CreateProcessW
GetStartupInfoW
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
SetCurrentDirectoryW
RemoveDirectoryW
CreateFileW
SetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
GetVolumeInformationW
GetVersionExA
GetACP
GetOEMCP
WideCharToMultiByte
RtlZeroMemory
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
FindClose
lstrcatW
CreateEventW
LocalAlloc
LocalFree
CreateThread
SetFileTime
lstrcpynA
GetModuleHandleW
ExpandEnvironmentStringsW
CreateDirectoryW
MoveFileExW
RtlMoveMemory
GetTickCount
TerminateThread
lstrcpyA
CreateMutexW
OpenMutexW
SetFilePointer
ReadFile
WriteFile
InitializeCriticalSection
QueryPerformanceFrequency
FlushFileBuffers
lstrcpyW
lstrcpynW
lstrcmpW
PeekNamedPipe
CreatePipe
GetNativeSystemInfo
lstrcmpiW
CloseHandle
GetFileSize
GetLogicalDrives
Sleep
SetLastError
GetLastError
GetCurrentThreadId
TerminateProcess
FreeLibrary
GetCurrentProcess
OpenProcess
GetProcAddress
WaitForSingleObject
LCMapStringW
HeapSize
OutputDebugStringW
GetStringTypeW
WriteConsoleW
SetStdHandle
HeapReAlloc
HeapAlloc
LoadLibraryExW
GetCPInfo
IsValidCodePage
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetCommandLineA
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
RaiseException
user32
GetDC
OpenDesktopW
SetThreadDesktop
CloseDesktop
GetThreadDesktop
OpenWindowStationW
CloseWindowStation
SetProcessWindowStation
GetProcessWindowStation
ReleaseDC
wsprintfW
gdi32
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectObject
advapi32
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
shell32
SHGetFileInfoW
ws2_32
WSAStartup
socket
WSAGetLastError
gethostname
closesocket
connect
htons
inet_addr
setsockopt
send
recv
shutdown
gethostbyname
shlwapi
PathAppendW
PathIsDirectoryW
PathFileExistsW
PathRenameExtensionW
PathFindFileNameW
StrToIntW
Exports
Sections
.text Size: 243KB - Virtual size: 243KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ