a160b70c491e37ad6ee3eae4051141f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a160b70c491e37ad6ee3eae4051141f9
Size

48KB
MD5

a160b70c491e37ad6ee3eae4051141f9
SHA1

9aaf62ab42c90954909b3cf3573fa65d8f2c5339
SHA256

44954ec87ec39b02d7a05fd259f91a97af1570ba8b222dd9c61af20de10f5043
SHA512

0a4db7173b504a450d4f6711acf26071f1b883454a3e04d658f63b851895b610206ff87e65f8b882160f941fbf3eac0057076c7815a1031bc0fc29d1932b02a6
SSDEEP

384:mgI13HKKcfTnV2xCMiWcBA37eZHJvF5bh611:jfTnXPA37KHNc11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a160b70c491e37ad6ee3eae4051141f9

Files

a160b70c491e37ad6ee3eae4051141f9
.dll windows:4 windows x86 arch:x86

c8525a809f7e0bec43bc1ecbaddb7e93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetCurrentProcess
GlobalFree
CreateProcessA
GetStartupInfoA
lstrcpyA
GlobalAlloc
WriteFile
lstrlenA
CloseHandle
GetTickCount
GetTempPathA
GetCommandLineA
CreateFileA
lstrcatA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
MoveFileExA
GetVersionExA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ