2aa6b8b805668b596cfec0368f7bdaa8 | Triage

Sharing

General

Target

2aa6b8b805668b596cfec0368f7bdaa8
Size

55KB
MD5

2aa6b8b805668b596cfec0368f7bdaa8
SHA1

5f8949da227a31abad5c428e465a12066206a473
SHA256

d2aee87a4eb6d284594d74b8fe08dbe72a530a41758b244579b539f8da094fc3
SHA512

69a4c347f97b51b7ae661d456f035a08d15889899d816fb7423ea36173e6d532a24bf1fd157f049fe247d64eda86239aee1becb81ac23d3a2f4e762220d5d102
SSDEEP

768:4CaprxqXYZ+fz/DkUjqB9VyHwmgZnslHtXrPSYdCCuVzyeReHcCmyzzzh1SckGN:LsZKz/d+0QNs78Cwt0PGckGx33fGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aa6b8b805668b596cfec0368f7bdaa8

Files

2aa6b8b805668b596cfec0368f7bdaa8
.exe windows:1 windows x86 arch:x86

48faadc527284b6e569ca08ec393e1ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStructW
EnumCalendarInfoExA
GetConsoleAliasA
CopyFileW
GetVolumeInformationW
GetConsoleAliasesW
lstrcmpW
GetStringTypeExW
CreateDirectoryA
SetVolumeLabelW

user32

DefFrameProcA
LoadImageA
CharNextExA
RemovePropA
ModifyMenuW
CreateWindowExA
wsprintfA
DlgDirSelectExA
IMPGetIMEA
SendMessageTimeoutW

gdi32

GetEnhMetaFileDescriptionA
CreateFontIndirectA
CreateICA
CreateMetaFileA
CreateColorSpaceW
GetEnhMetaFileDescriptionA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 417B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ