acbbdf8f4c0e9002bb236d2ec6120540 | Triage

Sharing

General

Target

acbbdf8f4c0e9002bb236d2ec6120540
Size

802KB
MD5

acbbdf8f4c0e9002bb236d2ec6120540
SHA1

1558f4cedece15f2fca6f4b3d4a9e6a027f41e04
SHA256

0e937a0c7c00f94b47fae0c87b32e2c0bea618fea0a69f9d63f14bbf13d7e5d7
SHA512

bbd9d946b77bcefa91e5c3d413664aa71d5391305b72c105b99dfbde3d56ba22d7986392c2e67907fee2dd89e4557a0f191a245e0dfd7e9cb554b0786c48e332
SSDEEP

24576:wXikJg6jArKH3k2brwM08TY70rYFgnu1eNMda:2iky6j6KHjcMkKnceNj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acbbdf8f4c0e9002bb236d2ec6120540

Files

acbbdf8f4c0e9002bb236d2ec6120540
.exe windows:5 windows x86 arch:x86

aec9eb4ec60c1edcee63abf93bd73830

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetDriveTypeW
GlobalFlags
PulseEvent
DeleteFileW
InterlockedExchange
CreateDirectoryA
GetProcessVersion
DeleteFileW
GetVolumePathNameA
GetConsoleMode
CreateFileW
FindAtomW
SetFilePointer
VirtualProtectEx
OpenEventA
LeaveCriticalSection
OpenMutexA
GetModuleFileNameA
GetModuleHandleA
HeapDestroy
GetCurrentThreadId
GetProcessHeap
GetFileAttributesA
SetFileTime

user32

IsMenu
LoadCursorA
SetRect
DispatchMessageA
SetFocus
GetWindowTextA
GetWindowLongA
DestroyIcon
MessageBoxA
DestroyMenu
GetWindowLongA
wsprintfA
PeekMessageA

dot3gpclnt

LANGPADeInit
ProcessLANPolicyEx
LANGPAInit
GenerateLANPolicy

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE