Static task: static1
Behavioral task: behavioral1 (Sample: 9aa85c8378ae75f9e64e1dd64007e5e4.exe, Resource: win7-20231129-en)
Behavioral task: behavioral2 (Sample: 9aa85c8378ae75f9e64e1dd64007e5e4.exe, Resource: win10v2004-20231215-en)
General
Target: 9aa85c8378ae75f9e64e1dd64007e5e4
Size: 800KB
MD5: 9aa85c8378ae75f9e64e1dd64007e5e4
SHA1: f9d2fdd4c10432fbcb8a6d8c818e631d69b5b39f
SHA256: 35de248fb4b82a18637931e72d12d3435fb89159d034c1c45801e8ea97c75efd
SHA512: fd47b07a7c01cd49c6fe863dba9f39ff1c7366886e8f7b4f62905dbf5f01350ea2a05524723f439e49b22653388ae03def78e98e206af9678df30ebc2810d501
SSDEEP: 24576:wRpWWAjAbDiIgVx9Nv5vGvYZ3IADlEwG0G3+w+:ipWWAjAbkBd5OvYZ3F5JG0G3+b
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Resource: 9aa85c8378ae75f9e64e1dd64007e5e4
Files
9aa85c8378ae75f9e64e1dd64007e5e4.exe windows:4 windows x86 arch:x86
d72cd02d0618fc2776a697135fe38971
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetCurrentDirectoryA
GetCommandLineW
GetCurrentThreadId
HeapCreate
LocalFree
GetComputerNameA
ResetEvent
CreateFileW
FindClose
CloseHandle
GetSystemTime
lstrcpyA
UnmapViewOfFile
PulseEvent
GetModuleHandleA
LoadLibraryW
Sleep
CreateThread
GlobalUnlock
user32
GetDlgItem
GetDC
CheckRadioButton
FillRect
IsWindow
DrawMenuBar
CreateIcon
SetFocus
DrawEdge
CallWindowProcA
CreateWindowExA
GetCaretPos
DispatchMessageA
cryptui
CryptUIDlgCertMgr
CryptUIDlgSelectStoreA
WizardFree
CryptUIDlgSelectCA
LocalEnroll
appwiz.cpl
ConfigStartMenu
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 793KB - Virtual size: 796KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE