a23b3ac8097682c403dc6811c9bac50a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a23b3ac8097682c403dc6811c9bac50a
Size

17KB
MD5

a23b3ac8097682c403dc6811c9bac50a
SHA1

004d25fdc2a7f7953f221b0ef46feee68c1eae55
SHA256

88ab29d1131fc79f4caa4f174efbbacc85d0cded4e768eb83017200b7648e4b9
SHA512

90b5f4db3e43c12a6bb96724e0404d667cb072637e1eae4951da7fff80034156fdd46c2e9ef0a38ff01800baecef7ae424bf83bfbd684861e169b9b67a325b97
SSDEEP

384:jXYkcRK/5K+MRHxLZZYU/ol/BZmZPBf/43E4EPQdR1CdvQxvNhKQY:eC5K/lZZYUkSlH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a23b3ac8097682c403dc6811c9bac50a

Files

a23b3ac8097682c403dc6811c9bac50a
.exe windows:4 windows x86 arch:x86

88a54f0ee46121023a25b6084205791b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetAtomNameA
GlobalUnlock
GetConsoleCP
HeapReAlloc
GetCommandLineA
GetVersion
InterlockedExchange
WaitForSingleObject
CloseHandle
WaitForMultipleObjects
HeapCreate
GetSystemDefaultLangID
SuspendThread
GetTickCount
CompareFileTime
GetConsoleDisplayMode
lstrlenA
LocalSize
GetModuleHandleA
VirtualProtect

gdi32

GetFontData
DeleteDC
CreateICA
GetRgnBox
CreatePalette
EndPath
Ellipse
GetMetaRgn
Escape
GetMetaFileA
GetTextColor
BeginPath
FloodFill
EqualRgn
DeleteObject
EngLineTo
AbortPath
CreateFontA
GetStringBitmapA

httpapi

HttpGetCounters
HttpAddUrl
HttpRemoveUrl
HttpTerminate
HttpInitialize

clbcatq

GetDllType

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ