a2e64a1c6e88991f8b283d31c9fc4cf2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2e64a1c6e88991f8b283d31c9fc4cf2
Size

251KB
MD5

a2e64a1c6e88991f8b283d31c9fc4cf2
SHA1

b1279f9c5ee39fed3ae2fdc58a6a4b109cfb457a
SHA256

a11c6e1443360232b56ef7b01de1b4e07dc1297d148b197a7b950df05427c011
SHA512

d6d1e022b563dbfce9b9a17cfb3c64d65d71f939b6c3239bdfa6a964471579338b6327d7a501d2037d563e00b5deb88002d28651451a1a4692bc1b55f347315b
SSDEEP

6144:DDV4P+d/A5k9pz/pIxCUONbV5QuZMevXIuM6c3UTJ9NrOHY:DDo+mipZrvpx/466URrOHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2e64a1c6e88991f8b283d31c9fc4cf2

Files

a2e64a1c6e88991f8b283d31c9fc4cf2
.exe windows:4 windows x86 arch:x86

93c964f4835ef9700e381ce0a1ef6cbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExA

comctl32

ImageList_SetIconSize

comdlg32

GetSaveFileNameA

gdi32

UnrealizeObject

oleaut32

SafeArrayPtrOfIndex

user32

WindowFromPoint

Sections

CODE
Size: 226KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE