7ae53a410e22d24eef5adcff66c71407 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ae53a410e22d24eef5adcff66c71407
Size

317KB
MD5

7ae53a410e22d24eef5adcff66c71407
SHA1

803e57377d81900f6be52f43e5606f07200f76f7
SHA256

1f8b2c642b381aa66dc8240781b9f862a76d2dbcf0f538db23f6fda6bdd1a74c
SHA512

1f10f2aab7ce4098882288587d62ba8062ee4567ee894a63ebb4deddb182755174d72219c25e0148e1c259f8a693b0fa29ba7671411cf3546bb3644c41dad064
SSDEEP

6144:HHo3peC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:HIGnX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ae53a410e22d24eef5adcff66c71407

Files

7ae53a410e22d24eef5adcff66c71407
.exe windows:4 windows x86 arch:x86

9502f207a79dc075c0d41876a61f9653

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
lstrcpyA
GlobalAddAtomA
GetStdHandle
LoadResource
LocalFree
WriteProfileStringA
GetLastError
CloseHandle
SetConsolePalette
LoadLibraryExA
VirtualProtect
IsBadCodePtr
HeapCreate
RaiseException
EnterCriticalSection
FreeConsole
GetOEMCP
GlobalFree
GlobalAddAtomA
GlobalUnlock

user32

GetParent
GetWindowTextA
GetWindow
AlignRects
EndPaint
ShowWindow
GetActiveWindow
GetFocus
ReleaseDC
BeginPaint
GetWindowTextLengthA
GetClassNameA
CloseWindow
GetClassInfoExA
DrawEdge
ValidateRect
IsIconic
GetForegroundWindow
GetDC

mprapi

MprAdminUserWrite
MprAdminUserRead
MprAdminUserOpen
MprAdminUserGetInfo
MprAdminUserClose

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ