10aa427f5fea6d7b739d38006cb04cf2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10aa427f5fea6d7b739d38006cb04cf2
Size

413KB
MD5

10aa427f5fea6d7b739d38006cb04cf2
SHA1

010845be8cdf846791fd091132e1a3eda30ebcbd
SHA256

81c44f1d72d6dfe96c39e5116aab1ab8345cbf874351ba712026af8befe762a5
SHA512

7db2c9319ef19e679a28141eb335e1320dd29b14fd98dbe333a031864774f64b29d56e7e05a55928b420a025bccaf7f2daf206b3ab844a4023427bee99380fd7
SSDEEP

6144:RdT42n6zoBRq2U72s9BAot5glelrxX6vV2VYtUo8Od8ewWHsk:Dz9G2o2s9+ovglxYVOUteHwwZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10aa427f5fea6d7b739d38006cb04cf2

Files

10aa427f5fea6d7b739d38006cb04cf2
.exe windows:4 windows x86 arch:x86

68a5aca5b55d996c1da0cfe2a57a72a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
LocalHandle
ExitProcess
VirtualAlloc
GlobalFlags
GetStdHandle
CreateMailslotA
GlobalLock
EnumDateFormatsA
GetProfileIntA
CreateJobSet
EnterCriticalSection
GetProfileStringA
GetUserDefaultLangID
GetProcessHeap
GetVolumePathNameA
GetTapeStatus
CloseHandle
GlobalFree
FindAtomA
GetModuleHandleA

user32

GetActiveWindow
ValidateRect
IsIconic
EndPaint
GetWindow
GetParent
GetClassNameA
BeginPaint
GetFocus
GetDC
ShowWindow
GetWindowTextA
RegisterClassA
ReleaseDC
GetForegroundWindow
GetClassInfoExA
DrawEdge
GetWindowTextLengthA
CloseWindow

gdi32

GetColorSpace
ExtCreatePen
GetCharWidthA
CreateDIBitmap
CreateDCA

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ