abdc24b715346fc49e14032b726a67e3 | Triage

Sharing

General

Target

abdc24b715346fc49e14032b726a67e3
Size

145KB
MD5

abdc24b715346fc49e14032b726a67e3
SHA1

6683051e8c6c56f04701aee293d823cad4e01ee3
SHA256

dd24dd5b11beacf372ba120bef726dc749e98783edb8b6d3db381ed82c5ecc01
SHA512

f54d85cdd9cc32ca166b4b9e05fc781d12c66a4a7a714f9e4f80b414cfaee9a8f8fcabd80022d87fc637092a5198ba5d437e9ad04020ed07abf63a06f9f1a482
SSDEEP

3072:FXlpGoVisXjvH5VQT8/doCDQ5o7UhJ8pi3JBEovDvuIdznl:DpXVRbn6CE5o9pi5BEsDmI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abdc24b715346fc49e14032b726a67e3

Files

abdc24b715346fc49e14032b726a67e3
.exe windows:1 windows x86 arch:x86

8e68834fc568fa605ce82288a8abac8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetEnvironmentStringsA
CloseHandle
SetConsoleMode
WaitNamedPipeA
WriteProcessMemory
GetDiskFreeSpaceA
MultiByteToWideChar
PeekConsoleInputA
SetSystemPowerState
MulDiv
VirtualAllocEx
ExitProcess
ReadConsoleOutputAttribute
FindNextFileA
GetFileTime
WriteConsoleOutputA
GetPrivateProfileStructA
ClearCommBreak
GetCurrentProcessId
FlushViewOfFile
MulDiv
OpenEventA
UnlockFile
WriteConsoleOutputCharacterA

winspool.drv

EnumPortsA

user32

CreateIconIndirect
GetWindowTextA
GetKeyboardLayoutList
EnableMenuItem
OffsetRect
GetCursorFrameInfo
SetClipboardViewer
IsChild
IsWindowUnicode

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 90KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ