f0aaaa9f501ecb4e182b5f0fd179fc76784a57586d9e0a7ba936f6af370789c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0aaaa9f501ecb4e182b5f0fd179fc76784a57586d9e0a7ba936f6af370789c0
Size

7.0MB
MD5

ede79647d12f436b3c6b0b8179592965
SHA1

69f61d5f478ac9f927e14740c58532dd797c507a
SHA256

f0aaaa9f501ecb4e182b5f0fd179fc76784a57586d9e0a7ba936f6af370789c0
SHA512

3c31c2d4eb5b9c2e261a73004b43b703c13565de78d6ab14d0d2b1d39dd1d7bf2a0853a917c240e00ef96fcc0d4eeb3ac3af65353a14914202278f9809c8be6d
SSDEEP

98304:UPXjSEF0OaTDSMPYXdUvomIy7lPocTQ/aUMo+6X7c2MQ9d9LovGgnSo4iwgilW:UfjAuMwtUg1y7lwYnf6LtTFLliwgp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0aaaa9f501ecb4e182b5f0fd179fc76784a57586d9e0a7ba936f6af370789c0

Files

f0aaaa9f501ecb4e182b5f0fd179fc76784a57586d9e0a7ba936f6af370789c0
.exe windows:4 windows x86 arch:x86

9ec53a2cb20f8554319948f408b4ccc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CreateFileA
LCMapStringA
ExitProcess
LoadLibraryA
CloseHandle

user32

SetWindowLongA
CharLowerBuffA
CloseWindow
CreateWindowExA
wsprintfA

advapi32

RegEnumKeyA
RegEnumValueA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ