ace3dd868b357b97e60f08f2e3840943 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ace3dd868b357b97e60f08f2e3840943
Size

146KB
MD5

ace3dd868b357b97e60f08f2e3840943
SHA1

984e8348c677d2a6879d964490c1dc097bc8e49f
SHA256

e4b98360e3fbc418fb95eac70dd2fc82cfde9b84e0b8bdb4c93d651dc37b8516
SHA512

eef45806c6b3fabde290a771a0b7cf8ae88b2bc87146f8997f6a0119a278bca71d441c74c0451f411e24e71d4d848284e71bad4dfd2a8c97c22b2b47e77e181c
SSDEEP

3072:RN1J7lP0a2hr3EVHmodEJ4sAKkWd7wzM/A7gkrrxKf:RNn2FwA4sAKkWVEMI7ggk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ace3dd868b357b97e60f08f2e3840943

Files

ace3dd868b357b97e60f08f2e3840943
.exe windows:1 windows x86 arch:x86

81b4d1b1c2b3dfa2357d2697d00234b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetSystemDefaultUILanguage
GetProcessIoCounters
ReadConsoleInputA
VirtualAllocEx
FindResourceA
GetProcessVersion
FillConsoleOutputAttribute
ExitProcess
MultiByteToWideChar
CreateDirectoryA
MulDiv
GetConsoleCommandHistoryLengthA
OutputDebugStringA
CloseHandle

winspool.drv

DeletePrintProvidorW

user32

GetSystemMenu
OemToCharA
FindWindowExA
PostMessageA
MapVirtualKeyExW
SendNotifyMessageA
GetWindowTextA
DrawFocusRect
EndMenu

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 87KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ