abe7988b19094f3564c7bf7e01b08b3a | Triage

Sharing

General

Target

abe7988b19094f3564c7bf7e01b08b3a
Size

76KB
MD5

abe7988b19094f3564c7bf7e01b08b3a
SHA1

a55ed8f76fd2b8d1f1188e219036a45abfcd4322
SHA256

3d02c494d6d3f3f8873b6bf0ce6caf95b8a170a5a7cbb9f9bd7b1ea69611760c
SHA512

fa6465c6f0deaa6ca29b38a535820fa623ed88472a6389aee2730dbf73c6b0e89a650e1950bc4a5a3ef568c121a167a4057b5b668f1868e2779ada2456c5a231
SSDEEP

1536:i6lzgLZQMJ36yVhY6y+km6dkTiGenmwpjVrs2ryrd1vUQuq6:xMh/yY6K2/nBHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abe7988b19094f3564c7bf7e01b08b3a

Files

abe7988b19094f3564c7bf7e01b08b3a
.exe windows:4 windows x86 arch:x86

4d2c567d1fff53a948e6a37853ab461b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCalendarInfoA
HeapExtend
_lwrite
TlsFree
SetConsoleScreenBufferSize
FatalExit
GetFileInformationByHandle
AssignProcessToJobObject
WriteProcessMemory
NlsResetProcessLocale
GetCommState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE