Static task
static1
Behavioral task
behavioral1
Sample
a1e6ff356e48e977b0fe552529cf4632.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a1e6ff356e48e977b0fe552529cf4632.exe
Resource
win10v2004-20240221-en
General
Target
a1e6ff356e48e977b0fe552529cf4632
Size
92KB
MD5
a1e6ff356e48e977b0fe552529cf4632
SHA1
acd952817005fd00fe611bdb04f52ee0e30ed6b1
SHA256
cab690cb1e41ae7b60f0671ea6def647afaaa3eb4d9c7d3512d04cbfdb955c47
SHA512
439a9899aa8a91be277b7a0b74599d950669b81cddbc44ea231e82d4b0bdd648141e32ec99776c396b161a8d01c3ac9fb1d77e364061a3bc44919f95cf86d962
SSDEEP
1536:tIxSi7uKuMc59eCPDmHAhUNDvVx2ThtOorwxYtvBGyHHbM9NF6gw+3/bD:So150QONDX2TfUqF7+NwY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a1e6ff356e48e977b0fe552529cf4632
Files
a1e6ff356e48e977b0fe552529cf4632.exe windows:4 windows x86 arch:x86
9fca0f379cfe63c26800cc9d9e09d14a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
SuspendThread
GetTickCount
GetTapePosition
SetHandleCount
SetCommState
HeapCompact
InitializeCriticalSection
LeaveCriticalSection
GetEnvironmentVariableA
SetVDMCurrentDirectories
UnregisterConsoleIME
DosPathToSessionPathA
RequestWakeupLatency
GetMailslotInfo
EraseTape
ReadFileScatter
CreateSemaphoreA
SetConsoleActiveScreenBuffer
_llseek
GetCurrentDirectoryA
GetCommandLineA
GetCommandLineA
GetStartupInfoA
ExitProcess
ntdll
RtlZeroHeap
vsprintf
NtLockFile
strstr
NtReplaceKey
Sections
.edata Size: 4KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WEIjunli Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ