a096b1e20e2bceea912ed4cddc98c1e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a096b1e20e2bceea912ed4cddc98c1e2
Size

3KB
MD5

a096b1e20e2bceea912ed4cddc98c1e2
SHA1

42e5cc0e637106dc73d376e7c1a008efb3d44284
SHA256

aae7b3047835013ca4b4f9c99661a9d087f1153864074d9235f1e22095aff89f
SHA512

aee621c100e1fe10b97d65d8b5868476ba54947dab73ee0c2a2c353b3c2edb83fd2aa9b1c9b5e70ffeadf5c1d15e3fcb6ef88f7e33cdebcc2b6c884e611aab34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a096b1e20e2bceea912ed4cddc98c1e2

Files

a096b1e20e2bceea912ed4cddc98c1e2
.exe windows:4 windows x86 arch:x86

fe21e764835b08365159caca42e4dedd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
malloc
memcpy
_itoa
free

kernel32

ExitProcess
lstrcpyA
CreateProcessA
Sleep
lstrcatA
GetTempPathA
CloseHandle
WriteFile
CreateFileA
lstrlenA
GetLastError
lstrcpynA
GetVolumeInformationA
GetComputerNameA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE