aa214d83d229e2a7b162ee62ecec269f | Triage

Sharing

General

Target

aa214d83d229e2a7b162ee62ecec269f
Size

751KB
MD5

aa214d83d229e2a7b162ee62ecec269f
SHA1

32fcba3a23dd29530e0273c4fb8fed06b2e6add6
SHA256

06e8df99de072573d054256d1cc775e29c644c3e081863386914476cd76837cf
SHA512

cb646e3fe262a655608d2aab1a0400b0592fb871699cf33cc12ba3ba3c85f7d44356e84a8743999781694d961f9207e3022efa2a306860bb5e3b282d1c9f1ac8
SSDEEP

12288:vzI8/t0a5YfZiqAT6fa2ylHi1UBdpiqtJvlDQhm715NYdVEJ9oU6x6s7+fuJ:88qaOfEqAT6r4C1U/piqtNq871LuGoU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa214d83d229e2a7b162ee62ecec269f

Files

aa214d83d229e2a7b162ee62ecec269f
.exe windows:4 windows x86 arch:x86

16aa3f4e373ce52384b6f6deba9c4902

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
FindClose
GetTickCount
CreateMutexW
GetSystemInfo
DeleteFileA
CloseHandle
GetModuleHandleA
HeapSize
GetStartupInfoW
CreateFileA
GetCurrentDirectoryA
GetFileSize
GetEnvironmentVariableA
ResetEvent
HeapDestroy
ReleaseMutex
SuspendThread
FindClose
InitializeCriticalSection
GetTickCount
WaitForSingleObject
ExitProcess
HeapCreate
SetEndOfFile

wininet

HttpEndRequestA
FtpCreateDirectoryA
FtpGetFileA
FtpPutFileA
DeleteUrlCacheEntryA
FtpDeleteFileA
FtpFindFirstFileA
DeleteUrlCacheEntryA
HttpQueryInfoA
FindCloseUrlCache
FtpGetCurrentDirectoryA
FtpOpenFileA
DeleteUrlCacheEntryA

encapi

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ