a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a
Size

85KB
MD5

120d845ac973b4a0cde2bc88d8530b3d
SHA1

906424a21a316ee75dd1ca18acd6aa64a1f11249
SHA256

a0fdd16f65c09159c673e82096905a68b772b5efc79259f3cee4cdbba3209724
SHA512

fa2ad7f997bd0150fe0c8c0aa5994aa0ab7a49e33aaed54c97bfc594c50f05902c8373acfe3f040660552bf85f02fce45c541c4e87844847153f3c4635006b76
SSDEEP

1536:BmGhqYUHEoC5483dn4ZsyM8tVzA9A76abGj2:FEEoG483dq3M2VMo6aij2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a

Files

a
.exe windows:5 windows x86 arch:x86

63248729101fae89e686a492659a402e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrcatA
HeapAlloc
GetProcessHeap
GetProcAddress
GetSystemDirectoryA
CreateFileA

user32

LoadIconA

advapi32

RegOpenKeyExA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x1uri
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x2uri2
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x3uri3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x5uri4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x6uri4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.x7uri4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63248729101fae89e686a492659a402e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 76KB - Virtual size: 76KB

.x1uri Size: 512B - Virtual size: 4B

.x2uri2 Size: 512B - Virtual size: 4B

.x3uri3 Size: 512B - Virtual size: 4B

.x5uri4 Size: 512B - Virtual size: 4B

.x6uri4 Size: 512B - Virtual size: 4B

.x7uri4 Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 28KB

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 76KB - Virtual size: 76KB

.x1uri
Size: 512B - Virtual size: 4B

.x2uri2
Size: 512B - Virtual size: 4B

.x3uri3
Size: 512B - Virtual size: 4B

.x5uri4
Size: 512B - Virtual size: 4B

.x6uri4
Size: 512B - Virtual size: 4B

.x7uri4
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 28KB