86a2bba201043662d789ffcf78a27b59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86a2bba201043662d789ffcf78a27b59
Size

313KB
MD5

86a2bba201043662d789ffcf78a27b59
SHA1

9e710714c6e0c1a3c5e1cd695c404f4f39c520f0
SHA256

69cb7834d893b5a2632c3ef8eb596ee5aa5abe96c2200bdd040c9dcae81ece8b
SHA512

84790ad141755093a2609f5a858e3a8c4c81940d3176ae67bc8ef954fa567ba37dc3dc4ef42ceea7faf92f81607d5252fbc33dd0cec6b714867517545879d692
SSDEEP

6144:E5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:YK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86a2bba201043662d789ffcf78a27b59

Files

86a2bba201043662d789ffcf78a27b59
.exe windows:4 windows x86 arch:x86

0365b6f600072702cada721f73a42382

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalFlags
FormatMessageA
ClearCommBreak
GetUserDefaultLangID
GlobalFree
ExitProcess
GlobalLock
GetProfileStringA
FindAtomA
VirtualAlloc
GetTapeStatus
CloseHandle
EnterCriticalSection
GetOEMCP
GetProcessHeap
CreateJobSet
GlobalCompact
CreateHardLinkA
GetStdHandle
GetCommState

user32

DrawEdge
GetActiveWindow
ReleaseDC
CloseWindow
RegisterClassA
GetParent
GetForegroundWindow
GetFocus
GetDC
GetWindowTextA
EndPaint
GetWindowTextLengthA
BeginPaint
GetClassInfoExA
ShowWindow
GetClassNameA
ValidateRect
GetWindow
IsIconic

wsock32

WSAIsBlocking
WSAStartup
WSAGetLastError
WSAAsyncSelect
WSACleanup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ