Static task: static1
Behavioral task: behavioral1
Sample: 3aa4e0154870e8116faac654535faf59.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3aa4e0154870e8116faac654535faf59.exe
Resource: win10v2004-20231215-en
General
Target: 3aa4e0154870e8116faac654535faf59
Size: 189KB
MD5: 3aa4e0154870e8116faac654535faf59
SHA1: ebe65b9b3aa4090ea7af7290aa82e8cbc8a1a9f6
SHA256: cfe9878ae168c735609123052f11f93f5931a72d25190481c7ce479359f9dde3
SHA512: dafbe22b72b61038df1905bea662d494000af4e96e62aea9ff7d281aa460e7a499ca5512f9c21b7109a6e56edc83f29cd64e8a9012ff5cafd0ce847d9f489afb
SSDEEP: 3072:rmolOmeA8u/T2dCZblM+odx6w8sAwFJdDFwGVRJY84:rmo8meA/SdKTob6hlw1ZwGV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3aa4e0154870e8116faac654535faf59
Files
3aa4e0154870e8116faac654535faf59.exe windows:4 windows x86 arch:x86
2f2df1db04ef782b758c9b44add00998
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadHugeReadPtr
GetModuleHandleW
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
LoadLibraryA
GetLastError
lstrlenW
GetCommandLineW
ExitProcess
GetProcAddress
IsBadReadPtr
ExitThread
GetACP
VirtualAllocEx
Sections
.text Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 893B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ