aa578b27034d6e812f2c6d117fe0859c | Triage

Sharing

General

Target

aa578b27034d6e812f2c6d117fe0859c
Size

42KB
MD5

aa578b27034d6e812f2c6d117fe0859c
SHA1

820b2940dd4a4b48a39c66bd49a949b56ff8675c
SHA256

69ed3b423a235cc5081db6cdc7dc34e8b36069b7fbff22b9ba26ec9baa7d1466
SHA512

c7c69d3045e6e1e2f1b3fa6e0f6285d7b6860f9f5f85449046d4de83bc828f84570e7c54d8a5ffbf563ef84d654e0e1c80913286b7f7141ae5fe1fe6536ff563
SSDEEP

768:117pJh48LR7A7OCk/5NwAU3Q4sH1/VlJB5jJwp4Pi:r/hbhNAETlJBdJwp9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa578b27034d6e812f2c6d117fe0859c

Files

aa578b27034d6e812f2c6d117fe0859c
.exe windows:1 windows x86 arch:x86

675d37be4884457575cf6148ace2756a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentDirectoryA
CloseHandle
RtlUnwind
Sleep

user32

MessageBoxA
wsprintfA

advapi32

RegCreateKeyExA
RegSetValueExA

crtdll

__GetMainArgs
exit
printf
raise
signal
strlen

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 692B - Virtual size: 692B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE