a469ceaee1dde4f4e1d8865e7bb8e9de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a469ceaee1dde4f4e1d8865e7bb8e9de
Size

635KB
MD5

a469ceaee1dde4f4e1d8865e7bb8e9de
SHA1

5b0bd112bafc014bf69221ab7671a8c16fc3a7ab
SHA256

cd8d4f03fea66d6a2b7564edac036831032453c702b724007048b221432cc33d
SHA512

7839bd0ab81aeadf7b97f5fd3b960bc5e2598f5ba1f175e79a4283a3211f78f874b84d5ecfd62df6c60ba351b0e01553d31340803c4561fa21ece23097c8f2a0
SSDEEP

12288:IUHTkDqmJaGmkb5+Mwe6jmPxX+bEbeWNG5dqogd7TZp1ZL/iXHCA01VxIbf:3kDqImkd+7e6jmRBTIdqokVTsiA017IT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a469ceaee1dde4f4e1d8865e7bb8e9de

Files

a469ceaee1dde4f4e1d8865e7bb8e9de
.exe windows:4 windows x86 arch:x86

e7d4cfa1dcae6e9867d444b1fc5960f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
RaiseException
RemoveDirectoryA
Sleep
InterlockedExchange
GetSystemDirectoryA
FindClose
GetCommandLineA
GetStdHandle
GlobalFree
SetErrorMode
SetEvent
GetLocaleInfoA
FindFirstFileExA
ReleaseMutex
EnterCriticalSection
ResetEvent
GetLastError
VirtualProtect
LoadLibraryExA
HeapCreate

user32

GetCursorPos
GetParent
EndPaint
IsIconic
ShowWindow
SetActiveWindow
GetClassNameA
GetWindow
SetForegroundWindow
BeginPaint
wsprintfA
FillRect
GetWindowTextA
ValidateRgn
FrameRect
ReleaseDC
GetFocus
DrawTextA
FlashWindowEx

winmm

CloseDriver
auxGetDevCapsA
PlaySoundA
aux32Message
OpenDriver

wtsapi32

WTSCloseServer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ