5a069ba3ac2d8eb67fc7b02ada88a1e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a069ba3ac2d8eb67fc7b02ada88a1e6
Size

18KB
MD5

5a069ba3ac2d8eb67fc7b02ada88a1e6
SHA1

2e771e2a01782c0b74d066e5e5ba6dfbf332c93d
SHA256

9818bfe67a4fa16ff54a082f20d9b2430559279479cd37cc7efe051e15e66732
SHA512

46caf67b76ff349f52c28ff18c89247122a221218d8eaabcaeced1bbd379647d7dc6a1d2a7e0ffa4a39ae311bfe9f06a34b6880be14cd546fe36e9c0ca262855
SSDEEP

192:6Qqy23FWeC3EpDXEgP5p9jpSdsO77sBruc5reEImE1ypsgwYgmuuuuuuuuu9oXZF:nf8weuJgP/9jpCsO9c5SEll/wYpJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a069ba3ac2d8eb67fc7b02ada88a1e6

Files

5a069ba3ac2d8eb67fc7b02ada88a1e6
.exe windows:4 windows x86 arch:x86

a212aa3accfe728c445f8eea174a5971

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
HeapWalk
CloseHandle
GetStdHandle
GetAtomNameA
lstrlenA
TlsGetValue
GetConsoleCP
GetTickCount
WaitForSingleObject
FindAtomA
CompareFileTime
HeapReAlloc
LoadLibraryA
GetACP
GetVersion
GetModuleHandleA
VirtualProtect
GetProfileIntA
InterlockedExchange
GlobalUnlock

user32

TranslateMessage
PostQuitMessage
ModifyMenuA
ShowWindow
CopyRect
DialogBoxParamA
GetMenuStringA
DispatchMessageA
GetKeyboardLayout
InsertMenuA
EqualRect
EnableScrollBar
LoadIconA
SetPropA
GetScrollRange
GetMenu
SubtractRect
UpdateWindow
SetWindowPos
DestroyMenu
PaintDesktop
GetWindowTextA
InflateRect
GetSubMenu
GetDlgItem
PostMessageA
CreateCaret
MessageBoxA

msi

MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ