Static task: static1
Behavioral task: behavioral1
Sample: aaa10cba788f42936070d40d9bb4fab2.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: aaa10cba788f42936070d40d9bb4fab2.exe
Resource: win10v2004-20240226-en
General
Target: aaa10cba788f42936070d40d9bb4fab2
Size: 181KB
MD5: aaa10cba788f42936070d40d9bb4fab2
SHA1: 5582347f59982a6931368c3558da984bfa10d3fd
SHA256: b83260271c2a15c9a9897cf1282b0bbf9b62869626acd19524d2f9526ca62463
SHA512: 5596f3f64cd4e8cb20f983c2e46f2fcc8cf52ffe9fa73209b15e5ece5ab6731e8ced674dcf329916cd9c1ab5f66f554e4cc0104a80bd4ebd9d06a52216cf233e
SSDEEP: 3072:29OcuckUcf5wrX6G2PtDVMeREU7ytPpyyd/isIDvC2yKG5lJFkK:4OT5SrXf9UGehvC3FkK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aaa10cba788f42936070d40d9bb4fab2
Files
aaa10cba788f42936070d40d9bb4fab2.exe windows:4 windows x86 arch:x86
167a2d8ae3529e03d5836c352d7271b4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICSendMessage
ICOpen
ICClose
ICDecompress
user32
wsprintfA
wsprintfW
kernel32
GetShortPathNameW
LocalFree
LoadLibraryA
DeleteCriticalSection
SetHandleInformation
CloseHandle
IsDebuggerPresent
CreateFileA
GetProcAddress
GetModuleHandleA
EnumResourceTypesW
SetUnhandledExceptionFilter
GetCurrentThreadId
InitializeCriticalSection
GetLastError
UnhandledExceptionFilter
GetCurrentProcessId
GetVersionExA
ole32
StgCreateDocfile
StgOpenStorage
Sections
.text Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 868B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 368KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ