1991af23097a76b82c1c08e7fae2cd34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1991af23097a76b82c1c08e7fae2cd34
Size

317KB
MD5

1991af23097a76b82c1c08e7fae2cd34
SHA1

af006ff4afa73941dac1798b700bf6064311d01b
SHA256

e8f67f47f7137dfa7b9bef22bcb34bd9fd970d0d02b47af915cebc4e771c9c8e
SHA512

140a40b630209eee4249f206fbcfc046ec1763c10d5d0705d23325fabc002fe694d67cddbb52c96cf83a60af4bb8864c64d241188d64c1318ed947a74579b6a5
SSDEEP

6144:t9wqi1UZvfVobjP/nI3cgfpS9oLw74F2ezIwPk8C2hGZMYYy:UhUZvdkbI3ccS/E2ezIwc8nYYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1991af23097a76b82c1c08e7fae2cd34

Files

1991af23097a76b82c1c08e7fae2cd34
.exe windows:4 windows x86 arch:x86

24a3d40f77359e648d10e0a6f6ff8af3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GlobalUnlock
GetStdHandle
GlobalDeleteAtom
InterlockedExchange
GlobalFree
GetLocaleInfoA
CloseHandle
HeapCreate
GetACP
GlobalAddAtomA
SetConsoleOutputCP
EnterCriticalSection
VirtualProtect
LoadLibraryExA
LockResource
GetDriveTypeA
RaiseException
SetErrorMode
Sleep
GetLastError

user32

IsIconic
BeginPaint
OemToCharA
GetMenuItemInfoA
DrawTextA
SetForegroundWindow
GetParent
GetFocus
ReleaseDC
ShowWindow
DrawEdge
GetWindow
GetClassNameA
GetWindowTextA
EndPaint
GetActiveWindow
ClipCursor
GetCursorPos
ValidateRect

ntdsapi

DsIsMangledDnA
DsBindA
DsGetSpnA
DsCrackNamesA
DsFreeNameResultA

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ