fa4dda8bd993d3afecc1e0bb706de597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa4dda8bd993d3afecc1e0bb706de597
Size

484KB
MD5

fa4dda8bd993d3afecc1e0bb706de597
SHA1

7b9a669080a9fb11875eab6b2f7bbc079a080d9a
SHA256

4cea8e67dff8306ecccea55c96cf408bac7a64747ad487af86138d2a96de8609
SHA512

9f846b22c5b97d6905fd8be2d12c2d530ac77bfea9467b7624c292a2a427024fd67ba0f4ff547a741511c3aee63f724adde76b710e30d3abddf80dde81a65406
SSDEEP

12288:PSw1qHSV9TT2PtbRaPOX+OEnSWJEOU1Kd1AJrXR0eI92vIt+K4y8QHiPCcMC+srs:PjYO5QtVaPYUnS+U1Kd1AJrXR0eI92vQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa4dda8bd993d3afecc1e0bb706de597

Files

fa4dda8bd993d3afecc1e0bb706de597
.exe windows:4 windows x86 arch:x86

cff08b9fd28a6a4a999045754ba67d2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceStatus

user32

GetDoubleClickTime
GetInputState

Sections

.text
Size: 481KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 341B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE