Static task
static1
Behavioral task
behavioral1
Sample
ad56ca21f44f9e431de011a8336c1769.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ad56ca21f44f9e431de011a8336c1769.exe
Resource
win10v2004-20240226-en
General
Target
ad56ca21f44f9e431de011a8336c1769
Size
116KB
MD5
ad56ca21f44f9e431de011a8336c1769
SHA1
8b202449fc51a5a0f88c018bc110cdf4a2aee754
SHA256
bd26d0af8c6531495875d0fe7eb7da671a3756dcd071ca95b1d0a8f2bd9fd844
SHA512
1b7fdf463a6567b534c566c1e50b81d8aa61413196948eb0ce6d533615ad58dac338ceb009375a575638e964994e994deed16118dd34ec687c66df9c53c9c4ef
SSDEEP
3072:NW76OMXfl26fnB9pdKonOgZWj3BXDfEEAaEyx:A9MXfl26ZpKxgI7p42EG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad56ca21f44f9e431de011a8336c1769
Files
ad56ca21f44f9e431de011a8336c1769.exe windows:4 windows x86 arch:x86
565ba500f1912eb5b645bf5ad4c83e48
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnregisterConsoleIME
SetConsoleCursorInfo
AddConsoleAliasA
SetTimeZoneInformation
ConvertThreadToFiber
HeapReAlloc
GetMailslotInfo
WriteFile
LocalReAlloc
FindFirstFileA
WaitCommEvent
GetShortPathNameA
SetConsoleScreenBufferSize
ScrollConsoleScreenBufferA
GetThreadContext
GetCommandLineA
ExitProcess
GetStartupInfoA
Sections
atsec0 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
atsec1 Size: - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
atsec2 Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.atsec3 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ