9a6e5421ae1d977d50a056f2a23b9e72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a6e5421ae1d977d50a056f2a23b9e72
Size

6KB
MD5

9a6e5421ae1d977d50a056f2a23b9e72
SHA1

c924b6f3b1a9b6be5ee47035824acfaed248f34f
SHA256

d46f9071cbc7604174b0ff20a1da605b478c004a5a0c2fc6e4c88159d9116a16
SHA512

95178ac45f86504cf79f43e8f0955a1a864d3a83fdd7d88191d09bc48fdd68edb2e80331e06c8cdf06c3e9ce9ce53bd88576d43187d369228bdae2fca9c7e97d
SSDEEP

96:WROkXUaskze7n2HcUZIO+MQbaNRHR6cC8GQY3n33X3X3nXH3nwuWeAT86Cbg/C7B:WEkS7n2HcaIvhaNzC8GQY3nHHXXNXw1w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a6e5421ae1d977d50a056f2a23b9e72

Files

9a6e5421ae1d977d50a056f2a23b9e72
.exe windows:4 windows x86 arch:x86

3d8ba356f31a00421d1ec7b3bc3cd09d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileSectionW
FindFirstFileExA
CreateSemaphoreA
GetWindowsDirectoryW
GetFileAttributesA
GlobalGetAtomNameW
CopyFileW
CopyFileExA
SetEnvironmentVariableA
FindAtomW
GetConsoleAliasesW
GetStartupInfoW
FoldStringA

user32

IsCharAlphaNumericW
SendMessageCallbackW
SetMenuItemInfoA
SetDlgItemTextA
ChangeDisplaySettingsW
CreateMDIWindowA

gdi32

AddFontResourceA
StartDocA
GetCharABCWidthsA
EnumFontFamiliesExA
CreateICA
GetEnhMetaFileA

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.masm
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ