a311fb932db29d53a162e25e83ccc1d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a311fb932db29d53a162e25e83ccc1d4
Size

162KB
MD5

a311fb932db29d53a162e25e83ccc1d4
SHA1

c3ffe80647ba7549a8093ea847688fda77ef43cd
SHA256

dd237ab3cb857d95854e2b6fade63522d092a0f1f29af07a165a583ad6b13b2c
SHA512

34decdd55b1f6e6584caa397d482d431753b4d08aabb2a3d6deb7ea76b2d3d3922d321c53feb98cbd848016b54f55fb61c9f54f2327e6cf7bee25695e467dab2
SSDEEP

3072:1NXr7yW4tm/8Kj0/cTmhgj+HLOgOopS17Mdx5:11yxtmjI/NhZIQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a311fb932db29d53a162e25e83ccc1d4

Files

a311fb932db29d53a162e25e83ccc1d4
.exe windows:4 windows x86 arch:x86

01b61ff884981c0550b0b90beb6f0c2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FileTimeToLocalFileTime
GetNextVDMCommand
LocalFileTimeToFileTime
SetEnvironmentVariableW
SetThreadPriority
GetShortPathNameW
LoadResource
FindNextFileW
SetErrorMode
FreeLibrary
CompareStringA
EnumResourceNamesW
SetCurrentDirectoryW
FindClose
FindResourceW
RegisterWaitForSingleObject
GetStringTypeW
GetLocalTime
FindFirstFileW
FileTimeToSystemTime
SystemTimeToFileTime
SearchPathW

user32

ValidateRect
ValidateRgn
ExcludeUpdateRgn
GetCapture
RealGetWindowClassA
ReleaseCapture
SetCapture
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ