ab9e935c414fe8724f0841cfbd522fbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab9e935c414fe8724f0841cfbd522fbf
Size

100KB
MD5

ab9e935c414fe8724f0841cfbd522fbf
SHA1

d337d1232712b915cc87674e563ed8d314a7a3c5
SHA256

5552b71cba5a2035b1585a218da0f71d6201cb6fd4a982cd742e7a7d45cea38e
SHA512

8908bfe6162a1d80190d171a4044acdc614b8b9204a1ec9e4cce4ee7cc69e33460fb09f5ee5aa45e2ae027f6216a0570e798436d38f16ec5195c8255bdabb412
SSDEEP

3072:o77/KSRNddvzL+nlAuRDDWTqRJ80EbYspb/P9tIuwZXX76NOVGRdp9zRT:caQb/l21H7m7p9zRT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab9e935c414fe8724f0841cfbd522fbf

Files

ab9e935c414fe8724f0841cfbd522fbf
.exe windows:4 windows x86 arch:x86

de6c7cb6a3205debfc6ae490248ff623

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
HeapCreate
Sleep
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
QueryPerformanceCounter
CreateFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
IsBadReadPtr
lstrcmpiA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
GetCommandLineA

user32

wvsprintfA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE