acb37914cb5a31713b8da8efd83d27c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acb37914cb5a31713b8da8efd83d27c6
Size

164KB
MD5

acb37914cb5a31713b8da8efd83d27c6
SHA1

97c7dffed1133132512438301773ed590a3b060f
SHA256

6edcdd6165582e3f435737ef8099cc5c7a30abf35972b9579da06dc098b38a4a
SHA512

869994eb7cda6fffc533cf102c9c0a6518a53491857c5efb017908a9e30b85e2dacdd9d26f5eede33771044d0d1e91d37cb41cf5240d3f23c4c78b426ffc9f89
SSDEEP

3072:d9WkPy0JP6mkEqkfI78LUWR9WJO5y2xkmjMpzAAAQ045LwUaz29ujaKWvPHg:PWPq6kaIiyy2xHMpsAAZIJaKSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb37914cb5a31713b8da8efd83d27c6

Files

acb37914cb5a31713b8da8efd83d27c6
.exe windows:4 windows x86 arch:x86

af80cd10d1816807fedb09b11ec0e646

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
FreeLibrary
GetModuleHandleW
LockResource
LoadResource
Sleep
InitializeCriticalSection
LoadLibraryA
GetProcAddress
GlobalSize
FindClose
DeleteCriticalSection
WritePrivateProfileStringW
MulDiv
EnumResourceTypesA
GetVersionExA
GetPrivateProfileIntW
FindFirstFileW
GetModuleFileNameW
LoadLibraryW
GetDllDirectoryW
lstrlenW
GetVersionExW
GetPrivateProfileStringW
MultiByteToWideChar
GetTickCount
GetLocaleInfoW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

shell32

DllGetVersion
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExA
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
Shell_NotifyIconA

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ