a3133c665c3ae8f0ee5d54508723cdfa | Triage

Sharing

General

Target

a3133c665c3ae8f0ee5d54508723cdfa
Size

8KB
MD5

a3133c665c3ae8f0ee5d54508723cdfa
SHA1

93853690393ee791044dbe21afbb1a3bc0e0aca4
SHA256

25b0de932bad4c5fc818d78b28b3a5af190b72ff6901506a8a55aba8edca1fcc
SHA512

6bd848d8f71a5a686676770b7366abbcaf976eb33a17fb633e5d308d21a4f365adf62d4df3c1faacc6aab0988612cc292bbdb4e0bb6dc3db89fdf292a9f1578e
SSDEEP

96:1B53UGGMEf2AC1AEhA2Dc5vA9IvSJ2YI2rFqcj7mSncEzKLfs/MjK5c8F5YMuRSQ:ZUGGMEw1AIDc5iJ2YI2Ucf6Lfpj4J9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3133c665c3ae8f0ee5d54508723cdfa

Files

a3133c665c3ae8f0ee5d54508723cdfa
.exe windows:4 windows x86 arch:x86

42d2076a41219bd5748bc6931e640567

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
CreateSemaphoreW
CreateThread
EnumDateFormatsExA
ExitProcess
ReadConsoleOutputW
SetDefaultCommConfigW
VirtualQueryEx

advapi32

AddAccessAllowedAce
CryptGenRandom
FindFirstFreeAce
GetKernelObjectSecurity
GetNamedSecurityInfoExW
GetNamedSecurityInfoW
GetSecurityDescriptorDacl
LookupAccountNameA
LookupPrivilegeNameA
RegConnectRegistryA
RegRestoreKeyW
SetPrivateObjectSecurity
SetSecurityDescriptorGroup
SetServiceStatus
StartServiceW

shell32

DoEnvironmentSubstA
ExtractIconResInfoW
FreeIconList
OpenAs_RunDLL
PrintersGetCommand_RunDLL
PrintersGetCommand_RunDLLA
RealShellExecuteExW
RealShellExecuteW
SHInvokePrinterCommandW
SheChangeDirExA
SheConvertPathW
SheGetDirW

gdi32

CreateFontA
DescribePixelFormat
ExtSelectClipRgn
GetEnhMetaFileA
GetEnhMetaFileDescriptionW
GetFontLanguageInfo
GetICMProfileA
SelectPalette
SwapBuffers

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE