a0e754a608b6122d4dbe5368f5def0d0 | Triage

Sharing

General

Target

a0e754a608b6122d4dbe5368f5def0d0
Size

3.9MB
MD5

a0e754a608b6122d4dbe5368f5def0d0
SHA1

c79be504bfbc9c0c7a91f29422145208891eee03
SHA256

c2637563376d80cc3bebc179efe186ed8af7368be2ad517e6ff50a3c601db59c
SHA512

c90e556abd759e49c932772d074afd2d772715c3e8f48fbbf85bccbb15ed0f7aef605ccaa4eb5bb73c8b544f94025c4da853c67001e0e9634215c61129936885
SSDEEP

98304:wMvp1jHdcQ/XiHC9NwPTyBT7eKWLgORacP2W1WRpmo:lvfuwXiHsNsoT7nWsOEfW1WRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

a0e754a608b6122d4dbe5368f5def0d0

Files

a0e754a608b6122d4dbe5368f5def0d0
.exe windows:4 windows x86 arch:x86

f1a1f8b0f8eccd7bb13fb6b7f07e4441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetErrorMode
GetWindowsDirectoryA
SetCurrentDirectoryA
VirtualProtect
ExitProcess

user32

SetForegroundWindow
GetClassInfoA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.n2sects
Size: 8KB - Virtual size: 10.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsec
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ