aa87a954a04a7f5dfeb0ba13a4682f2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa87a954a04a7f5dfeb0ba13a4682f2e
Size

74KB
MD5

aa87a954a04a7f5dfeb0ba13a4682f2e
SHA1

5203ef6ee1f4511f9e1f26a4ff5be3da1ff22db1
SHA256

05ee06e5f16d861569bbd7016ac7c1dea71a8e93e91ccc87dffd5175bc5e9a15
SHA512

3e8f7c3232656116abe256803d860fab3e4d4ceabcd7d6933422167e8ebd1d566eeca3cbd6bf67ba91d92fb92431f61e16e86d053dad1898ef797f25da67c748
SSDEEP

768:XWoVhBdgmHVNwFchlmWrwrkesBkZeBrRI3a8bj5T/BPaCd5mdZAcq3lih/2bs9aw:pIJwZe5Zoizb1zd6u9o9avOqzy0qRdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa87a954a04a7f5dfeb0ba13a4682f2e

Files

aa87a954a04a7f5dfeb0ba13a4682f2e
.exe windows:5 windows x86 arch:x86

08fd91a11d1ad4516403b9509f9bbee5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
FindClose
GetCurrentDirectoryW
FindVolumeClose
CancelIo
GetDriveTypeA
GetFileType
WriteFile
GetCommandLineA
LocalSize
CloseHandle
IsBadReadPtr
GetModuleHandleA
GetTickCount
HeapFree
WaitForMultipleObjects
FindVolumeClose
GetFileAttributesA
HeapCreate
CreateDirectoryA
ExitThread
lstrlenA
GetModuleFileNameA
CreateSemaphoreA
VirtualQuery

uxtheme

GetThemeEnumValue
DrawThemeBackground
OpenThemeData
GetWindowTheme
IsThemeActive
GetThemeTextMetrics
GetThemeTextExtent
CloseThemeData
GetThemeColor
GetThemeBool
DrawThemeEdge
SetWindowTheme
CloseThemeData

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE