ad0741fa22e4d5b72f84ca5b64694abd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad0741fa22e4d5b72f84ca5b64694abd
Size

773KB
MD5

ad0741fa22e4d5b72f84ca5b64694abd
SHA1

b10f549e2329d1d6e135754a9a67c722e0fc1129
SHA256

41d8e8ee4321c89daedd207266936cd4b40daaec7d3da7f400c6766c6419f45e
SHA512

c775449a5bf067f0c1c7274c39e5f780d2f0e7d58147ae89c091d8b33406a838b33f5be4c81fa543487513650da0f52d4b2589cf588119059930fb57a6789489
SSDEEP

12288:HH5p1suWbdXskgqcb5kXBV/a9cIfYPQJ0PJgRkFsrAFXMliOTIN+wiBk0fPpGO:NwgXmjsQhAkFs0FXMliOTIBi20z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad0741fa22e4d5b72f84ca5b64694abd

Files

ad0741fa22e4d5b72f84ca5b64694abd
.exe windows:4 windows x86 arch:x86

5738e9cf5805ee03d78c5f9dc992e20f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
CreateEventA
GetCommandLineA
ResetEvent
HeapCreate
SetEvent
CloseHandle
OpenMutexW
GetStartupInfoA
GetModuleFileNameW
CloseHandle
FindResourceA
DeleteFileW
GetModuleHandleA
TlsGetValue
HeapDestroy
GetTimeFormatA
VirtualQuery
GetCommandLineA
Sleep

user32

PeekMessageA
IsZoomed
GetWindowLongA
IsWindow
GetSysColor
FindWindowA
GetClassInfoA
CreateIcon
DestroyMenu
DispatchMessageA
DrawTextW
DispatchMessageA
CallWindowProcW

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ