a400b901e7b6ac6744028826e0e223fa | Triage

Sharing

General

Target

a400b901e7b6ac6744028826e0e223fa
Size

91KB
MD5

a400b901e7b6ac6744028826e0e223fa
SHA1

1be0e6d2494759e920d5e1831a08e802745b3179
SHA256

22b344dc0934cf72a25de82d633a24e658ef7889cc0b41756bb6579955c4a0c4
SHA512

6e4090139e706ff9688d94535fcf14a857a1c2f823f49dd9be43556462329646fb433466e236ab17690da374cf7a3ab07a14b78059463aaeab765cf300b1b967
SSDEEP

1536:WFObBQus8+QWNYpZFmQFq27rAZPd7Ap8SYzUC3wca35d/Ja8HPtIuP7BjPLSF:W2O8+5YpZFmQFq+WP9Wy/3wRJhJaxue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a400b901e7b6ac6744028826e0e223fa

Files

a400b901e7b6ac6744028826e0e223fa
.exe windows:4 windows x86 arch:x86

854ab038e88923e78e70422bb30fffd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
FreeUserPhysicalPages
GetUserGeoID
GetTempFileNameA
HeapUsage
SetConsoleInputExeNameW
lstrcmp
GlobalFindAtomW
OpenJobObjectA
GetConsoleAliasesLengthW
GlobalReAlloc
RemoveLocalAlternateComputerNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE