2aa5588b800f45f57c190badd0220682 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aa5588b800f45f57c190badd0220682
Size

200KB
MD5

2aa5588b800f45f57c190badd0220682
SHA1

bb1186af5c6808899e40598fe9f4c600a85b7f8d
SHA256

430e2e40c2890a62bb804e65c2d279753c93825dd1a08cb5bed5813f79d83054
SHA512

16b3f232218653f669e29ccabc148937ca0498cfc8f1150cb3391f035dca86186dda8b32d880b28d27f56f828d42a6c8fa5951f45a33d28b008bdb74a53f1c33
SSDEEP

3072:NNOQLnt4QhZkOLfuDg0PtOqzKONqsEykRLSDTDF/cNsm/dqr1bo53BR:NL8OFStZzKqqsE6bWFnB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aa5588b800f45f57c190badd0220682

Files

2aa5588b800f45f57c190badd0220682
.exe windows:4 windows x86 arch:x86

35e129c6d191ee1e2f16df7e8c0cf047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
MessageBoxA

kernel32

TlsGetValue
CreateFileA
SetFilePointer
lstrcpynA
WriteFile
CloseHandle
WinExec
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE