Static task
static1
Behavioral task
behavioral1
Sample
ac1625808eb722bbb6aaca39d45221a1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ac1625808eb722bbb6aaca39d45221a1.exe
Resource
win10v2004-20240226-en
General
Target: ac1625808eb722bbb6aaca39d45221a1
Size: 1.1MB
MD5: ac1625808eb722bbb6aaca39d45221a1
SHA1: 8df6cb4b21d5326e241f15e47b69fd8532898f50
SHA256: 7427ac6127a5188e84b6cb0cdfd2d6f94af3a99772b5ad0fd1166a1264169792
SHA512: 89a53e7caf31435a9870a84465ffbe2cf1421eb5b9024828065c1e9e1b9705f12f6fe68fc4532eed97e88fd7e9db42b1f830a4f52397cb6b5988480ca16ce094
SSDEEP: 24576:+d7zEQRTA56Ili91DSbArU9nBOOo9Q3nalLL19AMds:+RECTa6IjSWB18lnAM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac1625808eb722bbb6aaca39d45221a1
Files
ac1625808eb722bbb6aaca39d45221a1.exe windows:8 windows x86 arch:x86
1cec158d255406006072057a44b7a64e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetCurrentDirectoryA
GetLastError
ReadFileEx
RegisterWaitForSingleObjectEx
SetThreadAffinityMask
ReadFile
OpenEventA
CreateNamedPipeA
TerminateThread
TryEnterCriticalSection
GetModuleHandleA
CreateThread
InterlockedIncrement
CloseHandle
CreateFileA
InterlockedDecrement
SetFilePointer
InitializeCriticalSection
WaitForSingleObject
GetCurrentThread
SuspendThread
LeaveCriticalSection
OpenThread
ExitProcess
RegisterWaitForInputIdle
ConnectNamedPipe
EnterCriticalSection
Sections
.text Size: 779KB - Virtual size: 780KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 350KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 760KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ