ab7089ec39dcb144a564345bae1350e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab7089ec39dcb144a564345bae1350e4
Size

422KB
MD5

ab7089ec39dcb144a564345bae1350e4
SHA1

6f2f819e4d2b1d80b5cc5478cc514f4502613d48
SHA256

dfd4d5bc364a381d60b835b8d1a10d8864f70dae8087db9943cc32a90eea804c
SHA512

15d18da1a64de06f1bb72f93b5b293fed5e28d469358ed7e608619535942962c18979a7c2a7189b5e207628123855c8968ebfaab5ddcf90542006c0567196e67
SSDEEP

12288:/5J87pyQpIGnexy9zgQzQ8mMFOvCqpCKfAUnXnn:B27pnpIGnNzQ87dZUnXnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab7089ec39dcb144a564345bae1350e4

Files

ab7089ec39dcb144a564345bae1350e4
.exe windows:4 windows x86 arch:x86

06ad5f2e46f6660fea120fb7ad67f894

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetStringTypeW
lstrcmpA
GetExitCodeThread
lstrlenA
GetNumberFormatA
GetProcessHeap
HeapCreate
FreeEnvironmentStringsW
GetVersion
GetConsoleOutputCP
IsBadStringPtrA
GetDateFormatA
WideCharToMultiByte
GetCommandLineA
FlushFileBuffers
TlsFree
HeapReAlloc
GetEnvironmentVariableA
GetLocaleInfoA
WriteFile
GetTimeFormatA
FindResourceA
SizeofResource
VirtualAlloc
GetDriveTypeA
DeleteCriticalSection
SetConsoleCtrlHandler
LocalAlloc
lstrcpynA

msvcrt

strcmp
bsearch
__dllonexit
time
wcscpy

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ