Ad9j failed to get error string resource


Ad9j failed to get error string resource - properties

Incident Response

Risk Assessment

Persistence
Injects into explorer
Injects into remote processes
Fingerprint
Reads the active computer name

Indicators


  • Anti-Detection/Stealthyness
    • Queries process information
      details
      "<Input Sample>" queried SystemProcessInformation at
      "<Input Sample>" queried SystemProcessInformation at
      source
      API Call
      relevance
      4/10
  • Environment Awareness
  • Installation/Persistance
    • Drops executable files
      details
      "dll" has type "PE32 executable (DLL) (GUI) Intel for MS Windows"
      source
      Extracted File
      relevance
      10/10
  • Unusual Characteristics
    • Imports suspicious APIs
      details
      GetModuleFileNameW
      IsDebuggerPresent
      UnhandledExceptionFilter
      LoadLibraryExW
      GetProcAddress
      LoadLibraryW
      GetModuleHandleA
      WriteFile
      TerminateProcess
      GetModuleHandleExW
      OutputDebugStringW
      CreateFileW
      Sleep
      FindWindowA
      GetVersionExW
      source
      Static Parser
      relevance
      1/10
    • Installs hooks/patches the running process
      details
      "<Input Sample>" wrote bytes "cbfa3beca76b9b07aa76ee9c7acfa7c76adcc17a76ecca76a96edb17ad77cd37b76bf76c9b07a" to virtual address "0x6EBBF" (part of module "DLL")
      source
      Hook Detection
      relevance
      10/10
  • Hiding 2 Suspicious Indicators
    • All indicators are available only in the private webservice or standalone version

File Details

All Details:

File Sections

| Name   | Entropy | Virtual Address | Virtual Size | Raw Size | MD5                 | Characteristics |
|--------|---------|-----------------|--------------|----------|---------------------|-----------------|
| .text  |         | 0x              | 0xf          | 0xf      | faafcac88dfdc       | -               |
| .rdata |         | 0x              | 0x9bb0       | 0x9c00   | da0febb2fa76af82aa3 | -               |
| .data  |         | 0x1b            | 0x39f8       | 0x       | 9ec74addaec9        | -               |
| .rsrc  |         | 0x1f            | 0x2fa0       | 0x       | bbdbcd6b41a         | -               |
| .reloc |         | 0x              | 0x31f2       | 0x       | 4fbcfc48b1cbabcbc3e | -               |

File Resources

File Imports

Screenshots


Hybrid Analysis


Analysed 2 processes in total (System Resource Monitor).


Network Analysis

DNS Requests

No relevant DNS requests were made.

HTTP Traffic

No relevant HTTP requests were made.

WARNING: This program is protected by copyright law and international sprers.euhe InstallShield(R) Wizard will install the Patch for [ProductName] on your computer. To continue, click Update.{&MSSansBold8}License Agreement&PrintThe wizard is ready to begin installation.{\rtf1\ansi\ansicpg\uc1 \deff0\deflang\deflangfe{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose }Times New Roman{\*\falt Times};}{\f1\fswiss\fcharset0\fprq2{\*\panose }Arial;}" (Indicator: "bfe")
source
String
relevance
7/10
  • Unusual Characteristics