ab69a4e855d760f66681a6f3e2250500_exe32[.]exe | Triage

Sharing

General

Target

ab69a4e855d760f66681a6f3e2250500_exe32.exe
Size

66KB
MD5

ab69a4e855d760f66681a6f3e2250500
SHA1

872f506733c7febcf31d918b2cd987212e27cd24
SHA256

6eb039684f8852364eeb66aa7aea6a1094119942ddf19085eadf971879af7595
SHA512

d2d434215b84fdb829779b05f5efba1e08f318b52592cd509b445e54fc0d5238bd0d21001c2d22c9f1bfbced48355097a6d71165431980076ebc8be09fe7d64b
SSDEEP

1536:BSrA+inmWs8urboubHE4pZxNeH7iwmearpakZRZbYBqIGQ:BknsuogZaHewkpcBqIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab69a4e855d760f66681a6f3e2250500_exe32.exe

Files

ab69a4e855d760f66681a6f3e2250500_exe32.exe
.exe windows:4 windows x86

9cd35e5b7154bfc6f11d12ef55140a72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
SetConsoleScreenBufferInfoEx
GetThreadDescription
GetTickCount
K32GetModuleInformation
PrefetchVirtualMemory
FindActCtxSectionStringWWorker
Wow64SetThreadContext
FindFirstStreamW
SetCachedSigningLevel

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE