ac968f18402b0f6535109af7dc477b7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac968f18402b0f6535109af7dc477b7b
Size

64KB
MD5

ac968f18402b0f6535109af7dc477b7b
SHA1

00dd4f2ccbb0237aba1eeb610f6c385b8347a162
SHA256

710433d2038d3c66a72a1df0de2ad75deeb2980ca03b5a9a8fa89c847b00dba6
SHA512

3010275acb1250ba0482acf5d417495f91d53be9e44ddfeef26e2881945f9a6e34f6381c64ab8ab46a0c4a89aa903db5c48e97065393c50c438238300d264b21
SSDEEP

1536:BMXD/jeCMrZ9NIfI5kLBq2U9Po4M/p+LITjf90P6:BMT/jdUwIg87PlMh+LIv9s6

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Data/SD.bat
unpack001/Data/santorokiss.dat

Files

ac968f18402b0f6535109af7dc477b7b
.rar
Data/021.acv
Data/SD.bat
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 88KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
Data/santorokiss.dat
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.Upack
Size: - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
macro.txt