fa9b272339822453106b375b6b31b7c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa9b272339822453106b375b6b31b7c5
Size

189KB
MD5

fa9b272339822453106b375b6b31b7c5
SHA1

d18a86775348478e021d9ba6a5ea5237a4593322
SHA256

8dc8c4ec68815598f92bb050a7c284fd70d176cdd406dd330fc18ab6e62f077e
SHA512

ffb751f858b358d702cbbf093f4a2f537cf4e2b662cb2a87b0f69df69f29585efc369fb7a9b30ae87e18996d2a2c7770b5e0a0f349ed83956b1d9b2d980086d2
SSDEEP

3072:H1pV+Z9GT57tjjWUtiKhjCdZaH9/NJGVYihM1M+mlRFv+Sm9:TVLNqFmCdZaH9fmYihMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa9b272339822453106b375b6b31b7c5

Files

fa9b272339822453106b375b6b31b7c5
.exe windows:4 windows x86 arch:x86

47221a32fc568147cbcb0610de2c7fa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

kernel32

GetProcAddress
LoadLibraryExA
GlobalAlloc
lstrlenA
GetVersionExA
GetCommandLineA
RaiseException
LocalFree
Sleep
GetOEMCP
GlobalDeleteAtom
GetLocaleInfoA
VirtualAllocEx
GetTickCount
GlobalFindAtomA
GetModuleHandleA
VirtualAlloc
SetEndOfFile
ExitThread
lstrcpynA

version

VerQueryValueA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ