9a6f95b9d92594324ab924eb70bfc7a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a6f95b9d92594324ab924eb70bfc7a3
Size

90KB
MD5

9a6f95b9d92594324ab924eb70bfc7a3
SHA1

5fb5ac4e90695c407d0aa07e937e37f307d62341
SHA256

a21daece9c8a825ef4e9d613592aac07d30f407fe39a32ba7719114eb5059e61
SHA512

06032c8e5ddc4c803ee444fb859323c136ade02d4f0fa8eca324dc016f157ab5a42018691c92f91cb2c3c145232d3d6f956dae256e50b3882caee01e3bd76d38
SSDEEP

1536:vjl7cRIJSL+y63MdqfACsEqB5QxgMRm8uZJ4pmJ6hYFpXo6zMnrS7sX5YAgt09IE:vpk+3/oN5D/J4p1h6Y6wW7seAu5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a6f95b9d92594324ab924eb70bfc7a3

Files

9a6f95b9d92594324ab924eb70bfc7a3
.exe windows:4 windows x86 arch:x86

cf3b72c549c928fe4fcc8cf8735cac09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CompareStringA
CreatePipe
ExitProcess
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileTime
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetPriorityClass
GetProcessId
GetProcessVersion
GetVersion
GlobalAlloc
GlobalUnlock
HeapAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LCMapStringA
OpenEventA
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
TerminateProcess
TlsAlloc
VirtualFree
WaitForMultipleObjects
WriteFile

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ