a26180892ad229612d66ec389876ea0c | Triage

Sharing

General

Target

a26180892ad229612d66ec389876ea0c
Size

27KB
MD5

a26180892ad229612d66ec389876ea0c
SHA1

d5216afbd33e2aad4805a1570fce706b31c1249b
SHA256

a0b35a0402a7b2a154eede3f2a17b48e72ee19f2c214d88a1ccf863bf5130e2f
SHA512

559bba8f61f59cbefa0574b7acc74777409e6ebc75efe5161b21213f7bba458cef4be58686bdf8a2fb8cef0df1739cd62264b7218c8318dfeccfff6d3a2aa301
SSDEEP

384:FE9injM/18TD+UdGvO375WswgUefZrpihrKJ+8jClje9WY4IQYt8wCuzgpNNxOYf:F/jMd/83TBLfhwhrUChh3Iz4NKY7HT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26180892ad229612d66ec389876ea0c

Files

a26180892ad229612d66ec389876ea0c
.exe windows:4 windows x86 arch:x86

abef8fafd7c126b8c4dc4575548f83f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA

iphlpapi

GetAdaptersInfo

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
memset
fclose
fwrite
fopen
memcpy
fread
fseek
__CxxFrameHandler
sprintf
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 889B - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ICEKER
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE