acbc6e152e9a2e7f727392497223be51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acbc6e152e9a2e7f727392497223be51
Size

52KB
MD5

acbc6e152e9a2e7f727392497223be51
SHA1

4807c1fa61a989df239c87d273e9a2abb260ebe9
SHA256

7a93fab822636fb286d6555dd623f9f4cab555fdc08dadc13ea63193b1f89b98
SHA512

3cbd2ad844166c97e1a22fcddd2849c5fdbb13a44e210b3886f99f86d8c6b39ce443cc7a2f0e8a5347614ad56b39f867827c376bd235d1b29d28f0b3c5d731a7
SSDEEP

1536:m4NYVRp2GRAfL7Tb1E+oFEla71vFG46XU:mBVeGKfL7TbyEla719G46k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acbc6e152e9a2e7f727392497223be51

Files

acbc6e152e9a2e7f727392497223be51
.exe windows:4 windows x86 arch:x86

80e4de45f53b41acab7844d280357763

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetFileAttributesA
PulseEvent
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
CloseHandle
CreateProcessA
OpenEventA
WriteFile
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetCurrentProcessId
GetCurrentProcess
SetFilePointer
CreateFileA
GetModuleFileNameA
SizeofResource
LoadResource
FindResourceA
Process32Next
Process32First
CreateToolhelp32Snapshot
CompareStringA
lstrlenA
lstrcpyA
lstrcatA
ReadFile
GetSystemDirectoryA

user32

wsprintfA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ