a98c0551e9d879ef0d7fc96f2146ca83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98c0551e9d879ef0d7fc96f2146ca83
Size

22KB
MD5

a98c0551e9d879ef0d7fc96f2146ca83
SHA1

b5143010c5895941d33511a8bf1bdca28a804e54
SHA256

cf247c4547aca396d21f0b982b84f801cbefafa3f73d1d3ccafd47352bff07f4
SHA512

a9fa1415f7bd72a390cd7d9a1fe3449a89e4188572bf8526a267200abe1fb06a6e5a720e45d65737e38511d68918a5223bab8f3a50af50b0bacb11e801ce5822
SSDEEP

384:HeWn5GLrLX11INKSnZdpuIF54Esg87A35lxnahBmRfQtWYQ+lPCI7jWS4mW6:HeyGLrYN7Zf7HpfahBmQPCfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98c0551e9d879ef0d7fc96f2146ca83

Files

a98c0551e9d879ef0d7fc96f2146ca83
.exe windows:4 windows x86 arch:x86

5f5a050d49cb51f2700a756cea6b0cb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlAddAccessAllowedAceEx
RtlAdjustPrivilege
RtlAddAccessAllowedObjectAce
NtAllocateVirtualMemory

netapi32

NetDfsMove

kernel32

GetLastError
FormatMessageW

setupapi

SetupDiGetClassDevsW
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ