Static task: static1
Behavioral task: behavioral1
Sample: ad45e1dbf5b0bd59ff8c696538c2c32e.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ad45e1dbf5b0bd59ff8c696538c2c32e.exe
Resource: win10v2004-20240226-en
General
Target: ad45e1dbf5b0bd59ff8c696538c2c32e
Size: 50KB
MD5: ad45e1dbf5b0bd59ff8c696538c2c32e
SHA1: 40c8ee3ca7fae16e12b5f6a7dfc60015500cbe61
SHA256: 952b80934e002a82c8af1a4c2e0cc52d1a42f2120879abbd26bcbc83bc9fb133
SHA512: e1a2b0eef8517b6b91ed373ef37764cc4a4bb61c4e3cc6b43ee2ff1ac59aa6c46cc56c86c9f4adbf71f3d296339c57f2038e5eb5ec4b142d44b7b0b21ddd04e8
SSDEEP: 1536:8VQMJzTAvEhsx788OLiRRIvp3nyVdhd8PpQmVs:8VhdT8tQ8AiRRayV76PnV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad45e1dbf5b0bd59ff8c696538c2c32e
Files
ad45e1dbf5b0bd59ff8c696538c2c32e.exe windows:4 windows x86 arch:x86
5e18f05a0d73545ded9ddd86d7fe9071
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CancelDeviceWakeupRequest
CreateConsoleScreenBuffer
ExitProcess
IsBadCodePtr
ResetWriteWatch
WritePrivateProfileStructA
user32
BroadcastSystemMessageA
CreateIconIndirect
DrawStateA
GetClipboardSequenceNumber
GetThreadDesktop
GetWindowModuleFileNameW
KillTimer
SendMessageW
SetRectEmpty
UserClientDllInitialize
shell32
Control_FillCache_RunDLLA
Control_RunDLL
DllInstall
ExtractAssociatedIconW
ExtractIconEx
ExtractIconResInfoW
FindExeDlgProc
FindExecutableW
InternalExtractIconListA
SHFileOperationW
SHGetNewLinkInfo
SHInvokePrinterCommandW
ShellAboutA
ShellExecuteExW
gdi32
AddFontResourceW
CopyMetaFileW
CreateDIBitmap
CreateDiscardableBitmap
CreatePenIndirect
DeviceCapabilitiesExW
EnumICMProfilesA
GetBkColor
GetColorAdjustment
GetTextCharsetInfo
LineDDA
OffsetClipRgn
SetBrushOrgEx
SetColorAdjustment
SetPixelFormat
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE