ac02626cd47037e4bdfff5a644590cbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac02626cd47037e4bdfff5a644590cbd
Size

76KB
MD5

ac02626cd47037e4bdfff5a644590cbd
SHA1

8603e7a7d5482dc048edbbd96b4ea0d8d857e913
SHA256

73fa8b7ce8b2ad7b42b143a83ce90c2d2fb647c302b6c9cfcaea2ebe8020235c
SHA512

9cce4aae8ba733860e9f5236f85334d6d4a235a0972473d74b70e670cad09b39a6cba969bc26251cbb5f7948d095e22f8b8eafa99b7b2b866caeca6fb1b08974
SSDEEP

768:eAjGT9LXKQApiwmIapbfuwHVYW4kqkSn4Afj5zlUBs1jwNMi30hbtG/:aBLHsxSbf5HGkKnnl1jwNMiYtG/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac02626cd47037e4bdfff5a644590cbd

Files

ac02626cd47037e4bdfff5a644590cbd
.exe windows:4 windows x86 arch:x86

e62639d79ccd2d0f988c9877510efcdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
LoadLibraryW
GetProcAddress
GetVersionExA
HeapFree
lstrlenA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GetModuleHandleA
TlsGetValue
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSection
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ