aab71e2bd24b6b3671570e8b7c7ec724 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aab71e2bd24b6b3671570e8b7c7ec724
Size

270KB
MD5

aab71e2bd24b6b3671570e8b7c7ec724
SHA1

3b46918405b295a2aa6a1b3d141e047cdf891fa9
SHA256

e409063e0d2bb4cb46350c49e57bdd4103ee1143778860cd22337fca68f4afdd
SHA512

c4cb3e38024b3fd7359eea8c7baa33ae8fcc31ba66136c0f20fe1ac0a43862191f47487e04df0d0749c97acbf0015cbc378a587303bafa82d601129ccf77e95d
SSDEEP

6144:0CBKp8TibudFZCcVoo27x5ZDOzfv9kzv/IOcskH:0CBK2xLZCcVoo2959Ob9q//lkH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aab71e2bd24b6b3671570e8b7c7ec724

Files

aab71e2bd24b6b3671570e8b7c7ec724
.exe windows:4 windows x86 arch:x86

ae03bc64a776e8b0052fa0757c9631e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FileTimeToLocalFileTime
SetConsoleIcon
CreateMutexA
GlobalUnlock
CopyFileW
CreateThread
SetCommConfig
GlobalUnWire
GetFileSizeEx
GetFileAttributesA
VirtualProtect
lstrcmpiA
CreateDirectoryExA
WriteConsoleOutputAttribute
Heap32ListFirst
ExitProcess
DosPathToSessionPathA
FindFirstVolumeMountPointW
FatalAppExitA

user32

RegisterShellHookWindow
GetMenuCheckMarkDimensions
DdeQueryStringW
MessageBoxW
MBToWCSEx
GetAppCompatFlags2
InternalGetWindowText
EnumDisplaySettingsExA
EnumDisplayDevicesA
SetTaskmanWindow
WinHelpA
DlgDirListW
DrawCaptionTempW
SetDeskWallpaper
GetWindowThreadProcessId
DlgDirListComboBoxW
SendMessageCallbackW
PostMessageA
SetDlgItemTextW
DrawTextExW
DdePostAdvise
GrayStringW
GetAltTabInfo
CreateWindowExA
DrawFrame

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE