ac39d7a7718cc47d4a7964439c95829c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac39d7a7718cc47d4a7964439c95829c
Size

191KB
MD5

ac39d7a7718cc47d4a7964439c95829c
SHA1

1f01a2f0351e906a69abb5cae32d5e404ebf82a6
SHA256

e81b8d28b0085f5b8252b5b2e9fa9d4ad5d1bf6d220350b09adad1332e5d407f
SHA512

2afbb1ced1b4660e2550a36c26982d369c58c396091d964236e1577231f7819f2759198d33c299d640e1270828d2b988394940ecd5ca058824baadac62bf3d03
SSDEEP

3072:vql+uXbT+ov95VtEFa0T0PBgkw/xV4M6HgPWYaOZp0:vu+MC8VniS4/w1cXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac39d7a7718cc47d4a7964439c95829c

Files

ac39d7a7718cc47d4a7964439c95829c
.exe windows:4 windows x86 arch:x86

f6674606c40ef8209aa9872bda34a942

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
DeleteFileA
GetCommandLineW
GetCurrentThreadId
GetTickCount
GetCurrentThread
GetUserDefaultLangID
GetProcessHeap
QueryPerformanceCounter
GetStartupInfoA
LoadLibraryW
SetCurrentDirectoryA
GetWindowsDirectoryA
GetACP
GetCommandLineA
GetCurrentProcessId
GetDriveTypeA
GetConsoleOutputCP
IsDebuggerPresent
GlobalFindAtomA
SetLastError
Sleep
lstrlenW
lstrcmpA
GetModuleHandleA
lstrlenA
DeleteFileW
GetCurrentProcess
GetLastError
lstrcmpiA
GlobalFindAtomW
VirtualAlloc
RemoveDirectoryA
GetOEMCP
MulDiv
GetVersion

user32

CharNextA
GetDesktopWindow
GetSystemMetrics
GetDC

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ