ad982801d5728ca96de3ca4c5d7c0af2 | Triage

Sharing

General

Target

ad982801d5728ca96de3ca4c5d7c0af2
Size

18KB
MD5

ad982801d5728ca96de3ca4c5d7c0af2
SHA1

7d8e882387d165e9c819a4dfd0f98f0810cd21f0
SHA256

dc1295a5a42603ad1c2f3e320ce77f75ccca8981832d908b273b951784b8cd6e
SHA512

7d12872f365781200376c4a0962d1fe13b7310eebbf45428a36df82947c36edb176c0012fbddc7a66964930c21d9c927f2b6b3acfbbc1300023435cc083924dc
SSDEEP

384:+c77/9bmDKtD5/QVNavabUHA8pjkG7qrJKcul0szto:+cv/9bTtoavVpjTCwl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad982801d5728ca96de3ca4c5d7c0af2

Files

ad982801d5728ca96de3ca4c5d7c0af2
.exe windows:4 windows x86 arch:x86

a540450d029c032d98ea5fb343e64943

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
CreateEventA
GetFileAttributesA
lstrcatA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
CloseHandle
lstrcpyA
lstrlenA
SetFilePointer
LoadLibraryA
RtlUnwind
ExitProcess
CreateThread
WaitForSingleObject
GetVersionExA
WriteFile
ExitThread
GetTempPathA
CreateFileA

user32

wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
BeginPaint
IsWindow
CloseWindow

Sections

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ