aa13bee37f4d6d6b1bae53069b51c77cb95acfff3f34e6e6ef9de344ddd946ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa13bee37f4d6d6b1bae53069b51c77cb95acfff3f34e6e6ef9de344ddd946ce
Size

40KB
MD5

fab66bf11bbbe35af7c24e73cd45e9c2
SHA1

b5872d2029b639cb96c2e5a12c4b507b4b86d4c0
SHA256

aa13bee37f4d6d6b1bae53069b51c77cb95acfff3f34e6e6ef9de344ddd946ce
SHA512

78c566b80a1bdfe962c4db74f257cd58e622625b62c731a9d16a3c640d01fca8ca7a0dab143590a56d487110cd58f9a0b6fa9ef2020baf5e2b61491e4f5d2a0d
SSDEEP

384:pKfr04uns5muGvg7Ll4GIpFvCZuzCy265vu3b9CVlmt:Q04uxAl4ppcTg5vuLoVlm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa13bee37f4d6d6b1bae53069b51c77cb95acfff3f34e6e6ef9de344ddd946ce

Files

aa13bee37f4d6d6b1bae53069b51c77cb95acfff3f34e6e6ef9de344ddd946ce
.exe windows x86

be15e11e24a457e56b4a36f41a76ee27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetStringTypeW

advapi32

RegOpenKeyExA
RegCloseKey
RegSetValueExA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysAllocString

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ