9a2bd297c0603f23f6ed536feb6efe86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a2bd297c0603f23f6ed536feb6efe86
Size

320KB
MD5

9a2bd297c0603f23f6ed536feb6efe86
SHA1

5c1e93b1ce2b2f9feac427e5f01682154e8b202f
SHA256

ab1f60c5c49cbe28077cd0ed97d6704ed94e20ae0f5af0cd88a6a29152d26b66
SHA512

7e53077667a32c96d3815abf6cfbcc0570dc6f92977bfe7d818d49638f648da66b924cdbdc081e448d1144fd6cdea6d65017a4e499e19f51dfc098dc601aaed6
SSDEEP

6144:xyrEWiGKO9gIFD7py1d/99GxqI7lWA/LtC6DaRNAk93gBdk4mW3:ArXMOic1sUxXxWKZLwSSgB2W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a2bd297c0603f23f6ed536feb6efe86

Files

9a2bd297c0603f23f6ed536feb6efe86
.exe windows:4 windows x86 arch:x86

6b60538ebc85b8ea8ea1a47e5eec4d57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
HeapDestroy
HeapCreate
InterlockedExchange
GetACP
GetModuleHandleA
GetEnvironmentStringsA
GetStdHandle
GetProcessVersion
GetCurrentThread
VirtualProtect
GetCurrentProcessId
GlobalMemoryStatus
GetTimeFormatA
LoadLibraryExA
CreateIoCompletionPort
IsDebuggerPresent
HeapQueryInformation
GetProcessHeap
GetTapeStatus
WaitForSingleObject

user32

SetActiveWindow
DragDetect
BeginPaint
SetForegroundWindow
GetParent
GetCursorPos
GetWindow
GetDlgItem
GetFocus
ShowWindow
GetClassNameA
GetTitleBarInfo
FrameRect
FillRect
GetWindowTextLengthA
wsprintfA
EndPaint
DrawTextA
ReleaseDC

advapi32

RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ