a9d016165999a234f3aa93f6da5949a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9d016165999a234f3aa93f6da5949a1
Size

20KB
MD5

a9d016165999a234f3aa93f6da5949a1
SHA1

c93517f78b8ab83e3cf8be07067bdb7b14d581d9
SHA256

aed69baa2a4bd3e86dab97263b697b0f9050fc632d624e960a4a2f3e47a7f43d
SHA512

a02ba3f0a28d071135ca3eb16655c6c8094f0ad52bd68956985378734e8c4ef7683dc06a21010304c6dec2623b0ae768b188f637414c79d3fdd8eb3368b06889
SSDEEP

384:jNvpETO0Dvs6xA5+XT7FxWjiTLEkqBKKKKyzBh/eSG06Xf:jzvlY7UypqBKKKKyq2Sf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9d016165999a234f3aa93f6da5949a1

Files

a9d016165999a234f3aa93f6da5949a1
.exe windows:4 windows x86 arch:x86

9f069b1e37cf63f75a205d85d017bd61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
CompareFileTime
WaitForSingleObject
GetStdHandle
GetTickCount
WaitForMultipleObjects
lstrlenA
AddAtomA
LoadLibraryExA
GetProfileIntA
CloseHandle
GetVersion
SuspendThread
GetCommandLineA
VirtualProtect
GetSystemDefaultLangID
GlobalUnlock
InterlockedExchange
HeapReAlloc
HeapCreate
GetModuleHandleA

user32

CreateCaret
CopyRect
GetKeyState
EqualRect
GetWindowTextA
ShowWindow
DestroyMenu
UpdateWindow
EnableScrollBar
GetMenuStringA
GetDlgItem
SubtractRect
CreateCursor
SetPropA
InsertMenuA
PostMessageA
GetKeyboardLayout
FindWindowA
PaintDesktop
DialogBoxParamA
ModifyMenuA
TranslateMessage
DispatchMessageA
SetWindowPos
MessageBoxA

atl

AtlModuleInit
AtlUnadvise
AtlSetErrorInfo
AtlGetVersion
AtlAdvise

dnsapi

DnsStatusString

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ