a2f3476eae521559bbe954b19702bf18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2f3476eae521559bbe954b19702bf18
Size

149KB
MD5

a2f3476eae521559bbe954b19702bf18
SHA1

42c8fe98a34783ddca3093d0ba1d89c43d2d8859
SHA256

0c60859bcda8233cfd8be7e0f4ba05156a7e1bcb13d532dc2473b17b48bd53da
SHA512

cda365bb1d783c87b75560368d7b448334cf5e99d726484f99dd5dc70bf894536ae4049d3385e2280f5941502e7aa97827497df8db275238feb2bdd03a479a41
SSDEEP

384:pcAEyJ+xxcTyBxhpe6PHUcYCxvspbocbQ:hEyJycTAxhQsU8RV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2f3476eae521559bbe954b19702bf18

Files

a2f3476eae521559bbe954b19702bf18
.exe windows:4 windows x86 arch:x86

ac0716804afeff92ce9350282280bc92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
UnmapViewOfFile
Sleep
MapViewOfFile
LoadLibraryA
CloseHandle
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetTickCount
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileSize
GetCurrentProcess
GetComputerNameA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateFileMappingA
CreateFileA
GlobalFree

user32

wsprintfA
ReleaseDC

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetUserNameA
AdjustTokenPrivileges

shlwapi

StrRChrA
StrStrIA

wsock32

recv
gethostname
connect
closesocket
WSAStartup
socket
send

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE