a47386e72df8d2e5182541e00d0b40a9[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a47386e72df8d2e5182541e00d0b40a9.exe
Size

179KB
MD5

a47386e72df8d2e5182541e00d0b40a9
SHA1

266094398d685f073ee516785ec0895704c0f8ea
SHA256

7dd4da213dcf064b4afb06b69c4c15db683271574b2e1da933b2e23bb375f3f2
SHA512

39cb35b1d96df82a72a6461782aa6b70e1d0aad46373d4271341e40c4d1c98363e7aee9bfc31dda08499b147c3e1e8ac6cf8597e92f31bfba118545d1dd9a42b
SSDEEP

3072:Qvpp4K6gHfihdTAMqciIrCRSSINuE4uVmqfWVpkmvFbYdupGb3HSbtLnlr+6Z6nZ:yH46HfihdTAMsIrCvhE4uEqEvFbYdefX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a47386e72df8d2e5182541e00d0b40a9.exe

Files

a47386e72df8d2e5182541e00d0b40a9.exe
.exe windows:4 windows x86 arch:x86

864ea17c6a1ed1afe57195812166feca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
LCMapStringW
FileTimeToSystemTime
GetLocalTime
CreateFiberEx
LocalAlloc
LocalFileTimeToFileTime
FindNextFileW
GetCurrentProcess
SetThreadAffinityMask
LoadResource
FileTimeToLocalFileTime
EnumResourceNamesW
GetShortPathNameW
GetOEMCP
CompareStringA
FindClose
SetCurrentDirectoryW
IsBadReadPtr
SetErrorMode
LocalFree
SetThreadPriority
SetEnvironmentVariableW
GetSystemDirectoryW
FindResourceW
SystemTimeToFileTime
FreeLibrary
FindFirstFileW
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

SetCapture
IsWindowEnabled
InvalidateRgn
ValidateRect
EnableWindow
UpdateWindow
ReleaseCapture
DestroyWindow
RealGetWindowClassA
GetCapture
IsWindow
FlashWindow
ValidateRgn
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ