a76471ab97fb92e30a44e34fdca8be83[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a76471ab97fb92e30a44e34fdca8be83.exe
Size

200KB
MD5

a76471ab97fb92e30a44e34fdca8be83
SHA1

8ed4afa3e039d3d3d80f58cc2913521ea775817d
SHA256

962c1a0502f678df597c2411eca1a633fc7caecb1e263578f7b1d73c6dea3f89
SHA512

f7f9ee98f53e6c36cdb2b420514ac6f2f02110d5dab9e01f77368b4c28cc9748d1b86cb638469c5f0690d84e3c0d68e3ebbcee50c2d0fd19a0e6ea83758c33a2
SSDEEP

6144:aVplErjx6dMkKOwS2I/3RTFXpImwsYrJDi:a89OiI/3tDdYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a76471ab97fb92e30a44e34fdca8be83.exe

Files

a76471ab97fb92e30a44e34fdca8be83.exe
.exe windows:4 windows x86 arch:x86

d7adbca3a9a193a96a199fcbe645957d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesA
StrCmpIW
UrlCreateFromPathW
PathIsRelativeW
PathCreateFromUrlW
PathFindExtensionW
PathRemoveFileSpecW
UrlUnescapeW
PathAppendW
PathCombineW

kernel32

InterlockedCompareExchange
GlobalFindAtomW
GetLocaleInfoW
UnhandledExceptionFilter
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
GetTickCount
GetProcessHeap
InterlockedExchange
EnumResourceLanguagesA
LocalAlloc
VirtualProtect
IsDebuggerPresent
GetModuleHandleW
GetPrivateProfileSectionW
GetCurrentProcess
FoldStringW
QueryPerformanceCounter
GetStartupInfoA
GetSystemTimeAsFileTime
DeleteFileW

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 109KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ