9aa7fbe8e5e9de623ffaed997aa31d36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9aa7fbe8e5e9de623ffaed997aa31d36
Size

45KB
MD5

9aa7fbe8e5e9de623ffaed997aa31d36
SHA1

0ffe567fad6d4c7730643a2383bbed89f2177308
SHA256

bd24ff3583427b3b888b36216b66ce55f6acc382b8f0c90ee782e6eeaf004303
SHA512

037d4253a5defddd9164b8ec4a562404c544bad3be8ffef410280922bafc25a016fd1b8464e3ee3c4352282303f447189ada5313fadf0fdfecfab7def0ffce16
SSDEEP

768:kWmQNMyYmrY/b+1uMvG/TuQQRH7SfoXfQR6L9bim/y1ga4SPCd+Rrx:MgLKb+pO/yQIzIYZbf61ga4SPHx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9aa7fbe8e5e9de623ffaed997aa31d36

Files

9aa7fbe8e5e9de623ffaed997aa31d36
.exe windows:4 windows x86 arch:x86

f90bf472e3fa467444e07291cc51dfbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
lstrcatA
GetModuleFileNameA
TlsGetValue
GetLogicalDrives
GetCurrentThread
FreeLibrary
VirtualAlloc
GetCurrentProcessId
TlsFree
GetCurrentThreadId
GetCurrentProcess
GetSystemDefaultLangID
TlsAlloc
GetDriveTypeW
lstrcmpA
GetModuleHandleW
IsDBCSLeadByte
GetSystemDefaultLCID
GetCommandLineA
GetACP

user32

GetForegroundWindow
GetDC
ReleaseDC
UpdateWindow
GetWindowDC
GetActiveWindow
BeginPaint
GetSystemMetrics
GetWindowLongA
IsIconic
IsWindowVisible
ShowWindow
GetFocus
GetWindow
GetWindowTextA
CreateWindowExA
GetWindowTextLengthA
GetClassLongA
RegisterClassA

gdi32

SetBkMode
GetObjectA
GetStockObject
DeleteObject
SelectObject
SetTextColor

uxtheme

DrawThemeText
DrawThemeIcon
EnableTheming
GetCurrentThemeName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ