a0c90f0c28cc4b67035fb167badc7294 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0c90f0c28cc4b67035fb167badc7294
Size

135KB
MD5

a0c90f0c28cc4b67035fb167badc7294
SHA1

ac4ac2344f77184a77afe713f3bbd517a18891fc
SHA256

6fe901519959429e46785e0ad16688a98d1cfdc220c5af778a0794f9f7cb1a4a
SHA512

d2a8401ed4bf109a8aa87bf7e30d1b9e2bbb822ba1e30f6c0d99707321dbf44d01be805b84be9aebec11c766334ba348a1f85d6fbd2832ea1509d540f100cf28
SSDEEP

3072:jI8gxKLcQ21seJDHrGkCQUCF0lFs7LB7OlJUo3DjOstZjJWqbm:jIblQpkr3TW/cLBwOo3zm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c90f0c28cc4b67035fb167badc7294

Files

a0c90f0c28cc4b67035fb167badc7294
.exe windows:4 windows x86 arch:x86

023a130908383c52a0e3d587e8a46215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptDestroyHash
CryptHashData
GetUserNameW
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

InitializeCriticalSection

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
wvnsprintfW

user32

CharLowerBuffA
CloseDesktop
CloseWindowStation
DispatchMessageA
GetClassNameA
GetDlgItemTextA
GetIconInfo
GetWindowTextA
GetWindowThreadProcessId
LoadCursorA

Sections

.rwfop
Size: 51KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svqf
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hitct
Size: 6KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ