a08f4d5e8ed738dda79f7e0ff8fe1495 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a08f4d5e8ed738dda79f7e0ff8fe1495
Size

164KB
MD5

a08f4d5e8ed738dda79f7e0ff8fe1495
SHA1

a5806f5e04359c93da653130ce40cb82cedf87d8
SHA256

96726f23b077bd205c7294fd9b76d2c5ee86d44f34962d2fa3406c1adc9b68bb
SHA512

a3cb6fc70a2831d6ab3ef562d93bacf731a908cc638cf6a68989cc84ba6ddd30255a5c9d6a4ffe8ebdd3b9db39f02a9a783d00b20a7699fec0e03f9c9a75ef69
SSDEEP

3072:M4Fnw2wAQii8MRN2dXHYOqmcTaOKPWVaxJ3ZqF1dtyo1VFfz1XaGR:nNdi8MRg2mIaOUWVaxdZE6oZRXaGR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a08f4d5e8ed738dda79f7e0ff8fe1495

Files

a08f4d5e8ed738dda79f7e0ff8fe1495
.exe windows:4 windows x86 arch:x86

4341965020429eb889ca31b4b12c893f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
CreateFileA
GetCurrentProcess
LoadLibraryA
CloseHandle
LCMapStringA

user32

wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA
CreateWindowExA

advapi32

RegEnumKeyA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegEnumValueA
RegDeleteValueA
RegSetValueA

Sections

.text
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ