aa9f56796c2e491f1f124828b0a576b3

Sharing

Copy URL

Twitter E-mail

General

Target

aa9f56796c2e491f1f124828b0a576b3
Size

710KB
MD5

aa9f56796c2e491f1f124828b0a576b3
SHA1

a2defea410fdbd4848f69ab7255e343c711ef41d
SHA256

e05882b87499e78a2e13f252aef192960bf8ffb54ea2328f525069376b8604f2
SHA512

2f6b9a15f62eb1a46696e9e40eb16c3cfd533fcf67a021a54f157870cf9a07f663425542c0ce02bb55f7300bfe8e19837fc88e2deb234cd481e7a137a6156a52
SSDEEP

12288:wvb6/LIH44/ypi+QmWOdHsxls0/CN+lzvqNpQ0lacuAK0wYWWoF5uYwKAT5NL:wGL47q0OBsTCpM5cuAnq7O6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa9f56796c2e491f1f124828b0a576b3

Files

aa9f56796c2e491f1f124828b0a576b3
.exe windows:5 windows x86 arch:x86

a16886db1e46080fa2af9dfab41e5d29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
lstrcmpiA

user32

MessageBoxA

imm32

ImmSetCompositionWindow

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

advapi32

RegQueryValueExA

version

VerQueryValueA

Sections

Size: 22KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 860KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kascegwv
Size: 678KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aysaqdjq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aysaqdjq
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a16886db1e46080fa2af9dfab41e5d29

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

imm32

gdi32

ole32

advapi32

version

Sections

Size: 22KB - Virtual size: 52KB

.rsrc Size: 1KB - Virtual size: 3KB

.idata Size: 1024B - Virtual size: 4KB

Size: 512B - Virtual size: 860KB

kascegwv Size: 678KB - Virtual size: 680KB

aysaqdjq Size: 512B - Virtual size: 4KB

aysaqdjq Size: 3KB - Virtual size: 4KB

.data Size: - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 3KB

.idata
Size: 1024B - Virtual size: 4KB

kascegwv
Size: 678KB - Virtual size: 680KB

aysaqdjq
Size: 512B - Virtual size: 4KB

aysaqdjq
Size: 3KB - Virtual size: 4KB

.data
Size: - Virtual size: 4KB