a915fef839b762c6ce9de0adb18fafa5c8a52749de783fd6aface5bf5bebf873 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a915fef839b762c6ce9de0adb18fafa5c8a52749de783fd6aface5bf5bebf873
Size

15.6MB
MD5

01c74c104e59339f96b0ce137351e295
SHA1

997d851ccc85a5ed2aaf46dd39f0dbd5f831e2f4
SHA256

a915fef839b762c6ce9de0adb18fafa5c8a52749de783fd6aface5bf5bebf873
SHA512

5b23ea3f3744322eeb643b44a5d6480a15d88e3f79f7938b272ca11103d12b19a1d486446704b821b08a7015376c3ac2d4c68aa0508b2bec8df4c7d733c6d907
SSDEEP

393216:c0h4/U1V75L7bOcb6VZvt+jC85YEKPKv9WZAWKMIhHVnBbwf:c0hEZvv8CEKPMWKWKMI9VnBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a915fef839b762c6ce9de0adb18fafa5c8a52749de783fd6aface5bf5bebf873

Files

a915fef839b762c6ce9de0adb18fafa5c8a52749de783fd6aface5bf5bebf873
.exe windows:5 windows x86

88381b84da56810b869e897e6d45bd58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

EnumChildWindows

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm0
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm2
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bxpck
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.main
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE