Static task: static1
Behavioral task: behavioral1 (Sample: eab5b154f3bfa5fac4e6578089f94609.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: eab5b154f3bfa5fac4e6578089f94609.exe, Resource: win10v2004-20231215-en)
General
Target: eab5b154f3bfa5fac4e6578089f94609.exe
Size: 536KB
MD5: eab5b154f3bfa5fac4e6578089f94609
SHA1: 2353ad373c4ad397e44bb1c53deaf923ae60d092
SHA256: 20f394b0020f53a4fd155a68adaff1116ba146cd65b462a0edcd73632a26131b
SHA512: b3e2d319d00471f2380e3f8fa0c096424d4b6fbf029f42cbdc50c2ac737b7247c57e4bacd7cedaf32385595a9516707093a17bc237b141f357faa67cb7aa616c
SSDEEP: 12288:TW4V0puvt8k7kEjINM10JDx5+sh8dJSJt:TTVfvm2aAKDx5fh8d
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eab5b154f3bfa5fac4e6578089f94609.exe
Files
eab5b154f3bfa5fac4e6578089f94609.exe.exe windows:4 windows x86 arch:x86
cfcb7f7b7594bc89ec20fe5117e847c0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
CloseHandle
lstrlenA
GetModuleHandleA
LocalSize
GetDriveTypeW
GetStartupInfoA
CreateFileMappingW
DeviceIoControl
HeapCreate
LocalFlags
Sleep
GetConsoleAliasW
GetModuleFileNameW
GetCommandLineA
IsDebuggerPresent
CloseHandle
FindClose
CreateFileW
GetFileTime
user32
GetIconInfo
PeekMessageA
GetWindowLongA
DispatchMessageA
DestroyMenu
CallWindowProcW
BeginPaint
LoadImageA
IsZoomed
DrawTextW
DestroyWindow
DispatchMessageA
IsWindow
dmcompos
DllRegisterServer
DllRegisterServer
DllRegisterServer
DllRegisterServer
rasapi32
DwCloneEntry
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 529KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ