7a16206ab391122085a69d535e31b5c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a16206ab391122085a69d535e31b5c3
Size

64KB
MD5

7a16206ab391122085a69d535e31b5c3
SHA1

29878a4a5cc4b05bb8409768b80a2bcf958fa134
SHA256

33d74f9522a7a4d685828c4adb313b1e19952fd03947eeb9dc9ae1601febb8e2
SHA512

0df0a0bf26c93ff75542a38a37bb02a9075966f23cacb1d77b9c354bb65d653ceeb852dfd58f9e1d9acedd03d7f99500c5eb9329ecb05ebf0eaec8cf5ed58d2b
SSDEEP

1536:Rnn82mKvyiW8DUub73W7gR9CPvn9pRSOG8b:JrmKvyOUGj9s5F9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a16206ab391122085a69d535e31b5c3

Files

7a16206ab391122085a69d535e31b5c3
.exe windows:4 windows x86 arch:x86

f590c1bbcdde1d49f36862dd6c0d3f85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVDMCurrentDirectories
SetEnvironmentVariableA
ReadConsoleW
EscapeCommFunction
HeapQueryTagW
GlobalLock
RaiseException
GetWindowsDirectoryA
MoveFileExW
GetModuleHandleW
EnumerateLocalComputerNamesA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE