aa1a24a16935c89dad4e5e4ee7b46d02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa1a24a16935c89dad4e5e4ee7b46d02
Size

17KB
MD5

aa1a24a16935c89dad4e5e4ee7b46d02
SHA1

e52e9e1bf605729fd42ae533bc12070f1f1e7dab
SHA256

c00df8af2ffaa258c855a28140acc04f6159acd4bb79922cdfabb6f52aeea602
SHA512

e58eab6058245e2cfd89886d194b7411a4bd92f2446944a611ef479d636c63f9c37a9e2ea02ed7380cc52e9e609ae9c0def25f6e0795575d30a54b8912762ac5
SSDEEP

192:8Xes8UytroV8yz9+Q3ZWGPjkV3N/Lhmee3Omw9LJmaHvDVKa9TZ1eOV7Snpj:8XN7ypo1Z3ZW0jkVdwhOtV5KaFp7e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa1a24a16935c89dad4e5e4ee7b46d02

Files

aa1a24a16935c89dad4e5e4ee7b46d02
.exe windows:4 windows x86 arch:x86

558623a2cccec387e29c2d3c797cd24c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetStdHandle
CloseHandle
GlobalUnlock
GetLocaleInfoA
LockResource
HeapCreate
SetErrorMode
Sleep
GetLastError
LoadLibraryExA
GlobalFree
GlobalAddAtomA
RaiseException
EnterCriticalSection
InterlockedExchange
VirtualProtect
SetConsoleOutputCP
FoldStringA
GetACP
GlobalDeleteAtom

user32

DrawTextA
GetClassNameA
GetWindowTextA
SetForegroundWindow
ShowWindow
DrawEdge
GetMenuItemInfoA
IsIconic
GetCursorPos
ValidateRect
ClipCursor
GetWindow
ReleaseDC
BeginPaint
GetFocus
EndPaint
OemToCharBuffA
GetActiveWindow
GetParent

ntdsapi

DsBindA
DsCrackNamesA
DsFreeNameResultA
DsIsMangledDnA
DsGetSpnA

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ