09abdbaff5c9adace5ff3f0203e84431 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09abdbaff5c9adace5ff3f0203e84431
Size

16KB
MD5

09abdbaff5c9adace5ff3f0203e84431
SHA1

2dc126197b19aac51b056a02d6d55a75ae3c5e13
SHA256

350a8ed9a08fe8fd59c7e117895eef644f7f9778d5f42791852fc18b1322490f
SHA512

5f47a9bffeae719dbdfae791ce3e63c4b33e9d90a933ade295d4cefc55440db58ff078fc8fd9f2212cba44a0deafac6a0f753ac4f8654bb39dbcd1b5c59424e4
SSDEEP

48:6vPpNd0gvUOgFHKuVsMIpUvar1WFXgoyjc77aRC+O2B/KKDgFzwIPT:gLxAqaF6SarMFXtyI77a9O2BlIb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09abdbaff5c9adace5ff3f0203e84431

Files

09abdbaff5c9adace5ff3f0203e84431
.exe windows:4 windows x86 arch:x86

780aff5ba8cec24ce067340e079374a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetSystemDirectoryA
Sleep
GetProcAddress
LoadLibraryA
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
OpenProcess
WinExec
GetWindowsDirectoryA

user32

FindWindowA
GetWindowThreadProcessId

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE