ad9caa40e4d0e6534da0b18e285a29ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad9caa40e4d0e6534da0b18e285a29ba
Size

25KB
MD5

ad9caa40e4d0e6534da0b18e285a29ba
SHA1

b45fb9b4e0889c4a64f5399be46fecf54d30ea6a
SHA256

7039799db590526b86fb6e1be0e115e2547f0ef7590a8bd5af8e0d92c269b169
SHA512

b29c86f71ef99d0e71e5a7af2f524f92aa453c75497a9ff69658a56fef20ca88be252606eef41b3e22516e053bd317a8f7232ede5fd4d9c2f37b36d7a124705f
SSDEEP

384:IeFZ6qaV7cHo1mjdR8M+5GJCkeRP1dLCvdnkFoaWq3Ygurbcj1wk:IeFZ6qsGo1mjz8ZGJ8LdOv9MP3OUpT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad9caa40e4d0e6534da0b18e285a29ba

Files

ad9caa40e4d0e6534da0b18e285a29ba
.exe windows:5 windows x86 arch:x86

529fefb783dcbb3b9f5baf618b34237d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveInReset

msimg32

TransparentBlt

kernel32

ExitProcess
GetCommandLineA
GetStartupInfoA
lstrcmpA
Sleep
OutputDebugStringW
CreateProcessA
lstrlenA
HeapReAlloc
HeapAlloc
GetProcessHeap
GetTickCount
GetModuleHandleA
OutputDebugStringA

user32

DefWindowProcA
ShowWindow
CreateWindowExA

gdi32

SelectObject
GetObjectA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE