abd212a17a30881af5279ca76aba12e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd212a17a30881af5279ca76aba12e8
Size

108KB
MD5

abd212a17a30881af5279ca76aba12e8
SHA1

c6c1b9d5b5497d6cdb178317c8e947a9521cbcb4
SHA256

166aa09a7a2e0ca4f5721ebe7b1e9deb9d858d480de1674c10752bcbf170502a
SHA512

96c91524bf397d1cd0825e3de4209d1cfa941fba05813740e5c985568efe9e38945690175fbbd06671607b0a2a4638f9a27b22a52ba934ef67a719976cb34eb4
SSDEEP

3072:VimWd0eVRKvRk7KvIw1Sa2DlDip+IKHWSX6+sO:I72vTEDNi/KlH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abd212a17a30881af5279ca76aba12e8

Files

abd212a17a30881af5279ca76aba12e8
.exe windows:4 windows x86 arch:x86

7eb7373c3568f123d7bc4587b1a57147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
MoveFileA
SetLastError
LoadLibraryExA
GetLastError
MapViewOfFile
IsProcessorFeaturePresent
OpenJobObjectA
OpenDataFile
GetLongPathNameA
FindActCtxSectionStringW
DeleteTimerQueue

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 94KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE