a1fb29360ad7d3da29bfdadb8690fc22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1fb29360ad7d3da29bfdadb8690fc22
Size

21KB
MD5

a1fb29360ad7d3da29bfdadb8690fc22
SHA1

039d4f1da2dc005bfda5f6a46764ebb61e468351
SHA256

c2677e4a0619a4e5fe5753922e3c6fa5f9e50d77d25a61f78f50748aac61d3ec
SHA512

afb814acf6f206847cde8f389d6c8305e5aae4ee21c8248744c88eb74f6706e4994031a23df02c5463f0324ec20f0f1413c82f9a531a872350871a8aefcddee1
SSDEEP

384:3sqmnCxASkfP7iU9XVbZx9Y//gE8e044YkLTCsIIG57vpWYXw40:3m+ASkXVb+XN0RYkcIGRvpWYp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1fb29360ad7d3da29bfdadb8690fc22

Files

a1fb29360ad7d3da29bfdadb8690fc22
.exe windows:1 windows x86 arch:x86

c65dfbfdee6941736ff9b1e12c4e1919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetSecurityInfoExA
ObjectDeleteAuditAlarmA
BuildTrusteeWithSidA
SystemFunction033
GetNamedSecurityInfoA
LsaQueryTrustedDomainInfo

ole32

CreateObjrefMoniker
OleConvertIStorageToOLESTREAMEx
OleDuplicateData
CoGetMalloc
UtConvertDvtd16toDvtd32
CLSIDFromProgID
OleCreateLinkToFileEx

comctl32

CreateUpDownControl
FlatSB_SetScrollPos
CreatePropertySheetPageW
PropertySheetA
CreateStatusWindowW
ImageList_Merge

shell32

SheConvertPathW
ExtractAssociatedIconExA
SHGetNewLinkInfoW
RealShellExecuteW
DoEnvironmentSubstW
RegenerateUserEnvironment
SHGetFolderPathW
FreeIconList

shlwapi

PathFindOnPathW
PathCanonicalizeA
PathAppendA
UrlCanonicalizeA
PathCanonicalizeW
PathIsFileSpecW
PathIsSameRootW

Sections

.text
Size: 4KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE