1aecfe6812fce4f903fb1c3bb519fc27b14550f42085b60e8462d3dc254c1592 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1aecfe6812fce4f903fb1c3bb519fc27b14550f42085b60e8462d3dc254c1592
Size

77KB
MD5

b556d241a3b9c91d3c348988bc331aa1
SHA1

91c3e370a3bd4d4b4becc6fc9f062fc370025f17
SHA256

1aecfe6812fce4f903fb1c3bb519fc27b14550f42085b60e8462d3dc254c1592
SHA512

caf3863ce7991ea9815a4a52034a4d9e7d549c544de8a731be0b1ae03b712e3b82ddead487eaefa10e7153d3a1849c259d0f9645534154c7fc8ed4b0d43855c9
SSDEEP

1536:iGrPWqm/jl0wZzeRBVxINg0tgXXu1xqSQqLm8DMIM1late:LzWqcbZzeRBd0tgWci73

Score

N/A

Malware Config

Signatures

Files

1aecfe6812fce4f903fb1c3bb519fc27b14550f42085b60e8462d3dc254c1592
.exe windows x86

af75b500d8a19f349acd51ec084e23a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetCurrentThreadId
CreateEventW
DeleteFileW
SetThreadPriority
GetModuleFileNameW
TlsGetValue
VirtualFree
GetPrivateProfileIntA
SetCurrentDirectoryW
lstrcpynW
GetCommandLineA
GetStringTypeW
WriteConsoleA
GetFullPathNameW
FormatMessageA
lstrlenA
VirtualProtectEx
GetModuleHandleA

aaclient

LoadClientAdapter
OpenKeyReaderWriter
g_fnStartTransport
OpenKeyReader

Sections

.text
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ