7ab6ff7a33248c94a1139d1dea7d6859 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ab6ff7a33248c94a1139d1dea7d6859
Size

447KB
MD5

7ab6ff7a33248c94a1139d1dea7d6859
SHA1

ad2f045be8d8feec07a6aef2f6c7b2e2cd54da68
SHA256

e328ef462e9a47d882a41a97ef6517e4816b2ee9940b7aa53a8eb26af92e556f
SHA512

2073af894e05cdd25c2f858d05d8bba38e04ae5fbcf1380d1244a51160f027812adb2c1f22c07bd5982761f423891559c775dd17960a4fbbd68db965973d1ca6
SSDEEP

12288:nE2k/5CJKfPZxKJpSEIP13toJrq0W55T6:ErcOPuHd6puJ+P55W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ab6ff7a33248c94a1139d1dea7d6859

Files

7ab6ff7a33248c94a1139d1dea7d6859
.exe windows:4 windows x86 arch:x86

f48396c4054d38486b09f10a3317f871

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
Sleep
RaiseException
GlobalDeleteAtom
GetDriveTypeA
CloseHandle
FileTimeToLocalFileTime
GetLocaleInfoA
GetACP
LoadLibraryExA
GlobalUnlock
GetLastError
LockResource
HeapCreate
GetStdHandle
SetErrorMode
GlobalAddAtomA
SetConsoleOutputCP
InterlockedExchange
GlobalFree
VirtualProtect

user32

ClipCursor
ValidateRect
BeginPaint
GetWindow
GetCursorPos
GetWindowTextA
ReleaseDC
ShowWindow
IsIconic
EndPaint
GetMenuItemInfoA
DrawEdge
GetActiveWindow
DrawTextA
GetClassNameA
SetForegroundWindow
GetParent
OemToCharA
GetFocus

ntdsapi

DsBindA
DsGetSpnA
DsIsMangledDnA
DsCrackNamesA
DsFreeNameResultA

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ