Static task
static1
Behavioral task
behavioral1
Sample
acf97b6485021ee03a053b6990849d6e.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
acf97b6485021ee03a053b6990849d6e.dll
Resource
win10v2004-20240226-en
General
Target
acf97b6485021ee03a053b6990849d6e
Size
2.6MB
MD5
acf97b6485021ee03a053b6990849d6e
SHA1
2b23d87fef5efac726edcf4f75817abef7d7182a
SHA256
a9dd9b3ba2bdc121cc8b59cb6cd212deda0d4b9e167895c0a1f964e6f60d231a
SHA512
255117a1a3051371ee0881e04d41447f9c21c581fdce7abc1d8f4a698c6bfb18ce485b557c05e3b19c82d098008d54101062343bb14c74ab908727a71051b93c
SSDEEP
49152:/xtO0gk2etGbtuy2iLeKkj3GAS3c7nhWygPPqieVEVQ20WGWv/WgGSWJ:R8etEu9ZKkj3GAEcAyEPqhVEX3G03W
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource acf97b6485021ee03a053b6990849d6e
Files
acf97b6485021ee03a053b6990849d6e.dll windows:4 windows x86 arch:x86
1f15081c9791c882001ee9c65b7bf428
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetCommandLineA
ExitProcess
GetStartupInfoA
SetComputerNameA
lstrcmpW
GlobalAlloc
IsBadHugeReadPtr
GetUserDefaultUILanguage
DefineDosDeviceW
GlobalSize
Heap32First
GetCommMask
GetConsoleCursorMode
GetTempPathW
GetEnvironmentVariableA
lstrcpy
WriteConsoleOutputW
SetSystemTime
GetWindowsDirectoryA
QueueUserAPC
GetPrivateProfileStructW
LocalHandle
FillConsoleOutputCharacterA
FoldStringW
GetFileInformationByHandle
Sections
code Size: 4KB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
data Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
idata Size: 1KB - Virtual size: 484B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ