ae1c9f7402e1a08ae87af4237fae367164fb6da3da2afd7ffb83d22eaa5643e1 | Triage

Sharing

General

Target

ae1c9f7402e1a08ae87af4237fae367164fb6da3da2afd7ffb83d22eaa5643e1
Size

648KB
MD5

27b0660713e22639e29e98c8d462adfd
SHA1

efd2975759e446be734508b3548db67d0e5df261
SHA256

ae1c9f7402e1a08ae87af4237fae367164fb6da3da2afd7ffb83d22eaa5643e1
SHA512

7bb4dc8a483d5510f728f1cdfec28322abcbb245060b7c0d39fdafe9e14e5f28dca6d13a041d4ae0b1f05829d887a2fc72fe1fbcde09197012443486e1ed742b
SSDEEP

12288:AjrE5bOYOgNAoLli/c0BmYTzq9cWCWablaQdV:AHE5bygNAalnAmYTc0nACV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae1c9f7402e1a08ae87af4237fae367164fb6da3da2afd7ffb83d22eaa5643e1

Files

ae1c9f7402e1a08ae87af4237fae367164fb6da3da2afd7ffb83d22eaa5643e1
.exe windows x86

055ffdef08cf3e7b4362ff844753332c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

comctl32

InitCommonControls

version

VerQueryValueW

user32

CharNextW

oleaut32

VariantCopy

netapi32

NetWkstaGetInfo

advapi32

RegCloseKey

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.MPRESS1
Size: 441KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE