ac29252c25199d6c512cd6f2295674c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac29252c25199d6c512cd6f2295674c2
Size

1.8MB
MD5

ac29252c25199d6c512cd6f2295674c2
SHA1

49d57f02a34a0e6e13efd02f3ad560964a5754c2
SHA256

1162478f09e816cfd140669c7ad8a5ca25da44da29032b14097b571092333636
SHA512

1dc874dfc9ef1f02f47c37e5730748f0424761846dce6dbc32840fdfaff017b162036e350ed9b17f9331c2c8fbc483fc41916a4c505ad25a08922513778deff3
SSDEEP

49152:2e2YYYYYYYYYYYRYYYYYYYYYYNHRA7/eaizGkNQG+dG:N2YYYYYYYYYYYRYYYYYYYYYYNHRaHUGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac29252c25199d6c512cd6f2295674c2

Files

ac29252c25199d6c512cd6f2295674c2
.exe windows:6 windows x86 arch:x86

de5a26253049ef500b9d2e158563c154

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

GetThreadDesktop

advapi32

CryptCreateHash

comctl32

DllGetVersion

Sections

Size: - Virtual size: 704KB

IMAGE_SCN_MEM_READ

Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE