f2ac390b52f206b054befdf6b04f717b98df64eeb74c83629a75a93f09b1a6c7[.]exe | Triage

Sharing

General

Target

f2ac390b52f206b054befdf6b04f717b98df64eeb74c83629a75a93f09b1a6c7.exe
Size

572KB
MD5

a8dace7c846f4ef07bb755707a0dd1b0
SHA1

e5660ab0f3cbe65474d8859ed28a4e89547ff3cc
SHA256

f2ac390b52f206b054befdf6b04f717b98df64eeb74c83629a75a93f09b1a6c7
SHA512

be5dc0f71498d3c8ea7bf6091dc5f61e28e0895301406481182d7ca3cf3540cdd1ed1ae7accb5bc1a8ea0099644583950be367f0a9a75b52a69af55daca846e8
SSDEEP

12288:x2KtHwU0K4lvRr26k0BdSgp1IrOEMln7CmtOyj+mRsoDNelak95lx:gKtHwU0h/rBdfuOEY7nvDslak95l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2ac390b52f206b054befdf6b04f717b98df64eeb74c83629a75a93f09b1a6c7.exe

Files

f2ac390b52f206b054befdf6b04f717b98df64eeb74c83629a75a93f09b1a6c7.exe
.exe windows:6 windows x86 arch:x86

a238dd5e708b2e5b98247b73320c973d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
ExitProcess
ReleaseSRWLockExclusive

user32

GetDC
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
GetObjectW
SelectObject

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ