ac51b86f2ff554929c6feaa1c0c9c80e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac51b86f2ff554929c6feaa1c0c9c80e
Size

179KB
MD5

ac51b86f2ff554929c6feaa1c0c9c80e
SHA1

2f683dcbed1008f44b172aa6a5cd0dd99ea6ffc4
SHA256

1c20ab1d5c0f255ca8156420f00967b21b8c24b2a4ff102d4464076a663fa52d
SHA512

571a92bb31ab654f1fd47ba2ed28d032aefaa236b599ee378ed4f7d05f0755fdabb978156d4dba94d2e8e3acae4dcc9033b45478dc27d4767b5063bdc871852d
SSDEEP

3072:MrgabQnQ9q5x+EzlMtY+W1U+TLPuyHcAM9hieGrhMF3v8VqC2:MrZQnQ9KPAF0Dv/QXU63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac51b86f2ff554929c6feaa1c0c9c80e

Files

ac51b86f2ff554929c6feaa1c0c9c80e
.exe windows:4 windows x86 arch:x86

55968630f4aea527530ebb15691551f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetPrivateProfileStringW
GetVersionExW
GlobalGetAtomNameA
LoadResource
InitializeCriticalSection
Sleep
FreeLibrary
GetVersionExA
GetTickCount
LockResource
lstrlenW
MulDiv
DeleteCriticalSection
GetModuleHandleW
GetPrivateProfileIntW
EnumResourceTypesA
GlobalSize
FindFirstFileW
FindClose
LoadLibraryA
GetDllDirectoryW
GetModuleFileNameW
MultiByteToWideChar
GetProcAddress
WritePrivateProfileStringW
GetLocaleInfoW

shell32

DllGetVersion
ShellExecuteW
SHFileOperationW
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExA
Shell_NotifyIconA

wininet

HttpQueryInfoA
InternetConnectA
InternetOpenA
InternetTimeToSystemTime
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetCrackUrlA
InternetErrorDlg
InternetReadFile
InternetTimeFromSystemTime

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ