Static task: static1
Behavioral task: behavioral1
Sample: a0a6a1bc272ad2556f958f57dd09bb2b.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: a0a6a1bc272ad2556f958f57dd09bb2b.exe
Resource: win10v2004-20240221-en
General
Target: a0a6a1bc272ad2556f958f57dd09bb2b
Size: 149KB
MD5: a0a6a1bc272ad2556f958f57dd09bb2b
SHA1: df39dace8d28e420717a071cd80e86545e3fa057
SHA256: b2c040a3d45903a735d405e8fcaa4334382ce1fffcb355f232010eeb349ab282
SHA512: e3fe3b2326285ff173f5b47b92628b6ed5854eee4234dd35d0f0edd003af436512bfaf30a681212d95eab459acaff43767ea60215f9507b682b804eed18d741b
SSDEEP: 3072:Ccs8nVbmhIvdjugwIA8Sh1CDUcMsUHHERauJhJZobp:1s8VbMEhA8ANCouJMp
Malware Config
Signatures
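Unsigned PE (1 IoC)
The analysis checks the PE file for an Authenticode signature and found none. On its own this is a weak indicator, since many legitimate binaries are also unsigned.
Resource: a0a6a1bc272ad2556f958f57dd09bb2b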
Files
a0a6a1bc272ad2556f958f57dd09bb2b.exe windows:1 windows x86 arch:x86
b59327e8a91b1861d769c83552cc38d6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__p__fmode
__p__commode
feof
_mbsncmp
_adjust_fdiv
_initterm
_except_handler3
_exit
memcpy
__set_app_type
exit
__setusermatherr
_futime64
_acmdln
_wexeclpe
_snscanf
__getmainargs
_controlfp
wcstombs
_XcptFilter
abs
_wexecv
kernel32
GetFileAttributesA
Module32Next
MulDiv
GetCurrentProcessId
WaitForMultipleObjects
GetStartupInfoA
CloseHandle
lstrcmpA
Sleep
SetEndOfFile
OpenEventA
GetModuleHandleA
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ