ac6a8945e6a91fc35ef383df70444bd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac6a8945e6a91fc35ef383df70444bd2
Size

22KB
MD5

ac6a8945e6a91fc35ef383df70444bd2
SHA1

e7437e80302677dbeb2f7da044df9b466f8668c2
SHA256

ad34111acfc567249c5d8006af93fa1a6a3fe7ef78cad2a0840dd10e9211a210
SHA512

26bf655a2221c8a5bf1484aa826640f39201d19e8ee41051bc31cccb717483afa7785f9715a3fadcd4787e5f86b4395aefe0528df2793d2a104e52a70cde9678
SSDEEP

384:/e0A4hVNpA6qw+uFA1Y5hvA08v3kEA5baik+P2Qx3a/jxn7kl2:fA4hVNCLw+V1Y5hvA7vytk+OQkjFkc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac6a8945e6a91fc35ef383df70444bd2

Files

ac6a8945e6a91fc35ef383df70444bd2
.exe windows:4 windows x86 arch:x86

e3775a8378d5637b32b59b20908527a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
GetTapeParameters
LoadResource
SetHandleCount
ReplaceFileA
DnsHostnameToComputerNameA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ