Static task
static1
Behavioral task
behavioral1
Sample
ac1286d0ac10cd50acaf511bf43f62cf.exe
Resource
win7-20240221-en
General
Target
ac1286d0ac10cd50acaf511bf43f62cf
Size
274KB
MD5
ac1286d0ac10cd50acaf511bf43f62cf
SHA1
9eb29f5f2baf51c45f0edfd32cba2b408ea42a54
SHA256
66f3a2e4bbe346009fb865ec96ada810bd9afe917ec85f8ad44055d07693ab95
SHA512
e8409c94161e5df8435c556d942f7708d1656b33db62f4060a9091e02a14c6ca19451b8490f64d26aad95c42e4e324fd4321968e0e79bfff9d7b97e4420649f9
SSDEEP
6144:Sba2zdY4rg1QQXnQ5RaNVRguCGdaQzS2PXx3kjQT/Xn2hoLfOj:SLd2nnQeVRgpVktkjI2hsO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac1286d0ac10cd50acaf511bf43f62cf
Files
ac1286d0ac10cd50acaf511bf43f62cf.exe windows:4 windows x86 arch:x86
30d85951a68e9c3a40ce7177f22a3e71
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
UrlGetPartW
PathCombineW
UrlCombineW
UrlApplySchemeW
UrlCanonicalizeW
PathAppendW
wtsapi32
WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSRegisterSessionNotification
oleacc
LresultFromObject
AccessibleObjectFromEvent
msimg32
TransparentBlt
kernel32
GetCurrentProcess
VirtualAlloc
HeapFree
SetUnhandledExceptionFilter
GetCPInfo
IsDebuggerPresent
RtlUnwind
LoadLibraryA
EnumResourceTypesW
GetACP
LCMapStringA
LCMapStringW
ResetWriteWatch
GetStringTypeW
GetOEMCP
InterlockedExchange
WriteFile
GetStringTypeA
GetLocaleInfoA
Sections
.text Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ