aa15bfd4fde8b975df5c055ee9084c31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa15bfd4fde8b975df5c055ee9084c31
Size

21KB
MD5

aa15bfd4fde8b975df5c055ee9084c31
SHA1

0d90a4fae5216d32fcd4bf1eb31e4ac08a70ee6c
SHA256

3c7f97a0c84531781123acc98c09893e776438bd9b8fda90e9d6bd8717d6c692
SHA512

182fa5abdcaf655551583a73044d3d5dd43ef39fb6b2fa54ddef55f143de05791865db80a4d400159e735f88ecc059f71708073712ad11d3cdbed04ca6b64627
SSDEEP

384:+l15gYcCacyw9nh2XMWlU0cCg42A3uqSCnb8yXNQupVAuL1yj6ackzAmS:+b5gYcZw9ctU0hgcS0LXNQsAuZy6kzAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa15bfd4fde8b975df5c055ee9084c31

Files

aa15bfd4fde8b975df5c055ee9084c31
.exe windows:4 windows x86 arch:x86

4d07c7d9d1f1d39a135646c250b9b928

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DefineDosDeviceW
EnumCalendarInfoExW
ExitProcess
GetOEMCP
GetSystemDirectoryW
Heap32Next
IsBadCodePtr
ScrollConsoleScreenBufferW
SetCommMask
SetCommTimeouts
SetComputerNameW
SetEnvironmentVariableA
UnlockFile

advapi32

AbortSystemShutdownA
BuildImpersonateExplicitAccessWithNameW
BuildImpersonateTrusteeA
CryptDestroyHash
GetMultipleTrusteeA
LogonUserA
OpenProcessToken
OpenServiceW
RegReplaceKeyA
RegSaveKeyA
SetPrivateObjectSecurity

user32

CharNextExA
DrawIconEx
DrawStateW
EnumWindowStationsW
EqualRect
GetDlgItem
GetWindowTextLengthW
OpenInputDesktop
UnregisterDeviceNotification

Sections

.text
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ