9aad75171c9f40314bb14ef323bb8fdb | Triage

Sharing

General

Target

9aad75171c9f40314bb14ef323bb8fdb
Size

6.1MB
MD5

9aad75171c9f40314bb14ef323bb8fdb
SHA1

82ec3149cab1039b2b356b8ac2d972114fc142d6
SHA256

c4490d8166adf18292c8bb887a344662653881d605c71472c85e69dcc6f24f37
SHA512

8de2ebe81c364ce29348e7a4b14665fc35d3a00eb5dcaaf831bca4674548b0e4e30a0be0f911386d582ece6a7a76fd3b0174a6065e50c9f982daf160f49b6719
SSDEEP

98304:Gpg+erC8auYWOB+ljN6t4DiJoQJeLXFRahqvf29NvZHuXCMd/56qHstvaPXCaz2I:Wg1rOWOgotmiJoQJ4b3jXpdtHwvaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aad75171c9f40314bb14ef323bb8fdb

Files

9aad75171c9f40314bb14ef323bb8fdb
.exe windows:5 windows x86 arch:x86

38c6262acdcb4b92d2fd4d2e16a1258f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

wtsapi32

WTSSendMessageW

user32

GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 686KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themidi
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.themidi
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ