ab2aceb46363c7172a78e86703dab8ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab2aceb46363c7172a78e86703dab8ab
Size

29KB
MD5

ab2aceb46363c7172a78e86703dab8ab
SHA1

bc3b228dddf4c819e94c32cf098bcff4db2d4f29
SHA256

9bae2491ffcd7a3245d1c4194971c366d6d55cfac51e887222e54b184dd8d67d
SHA512

033a6fd5aae671b8b6bc728f54dedfb6aee30e763302a9152fdf2642af438452a2806568d11dfdfcd8c44047b03ede8dfce55fb622834968e20f05a5f54d8ace
SSDEEP

384:shiSkMUf4Gn/Lpz3/Gg1v0mVlTN9LdzUpk/LzHpvh4UVx9:2FkXnjp7GSv0mDTN9L9UgtP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2aceb46363c7172a78e86703dab8ab

Files

ab2aceb46363c7172a78e86703dab8ab
.exe windows:4 windows x86 arch:x86

03c8687a3ba19b45fcbbcef951df27f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress

advapi32

AddUsersToEncryptedFile

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ