adec42b45692c74fc9e2f1ac142816bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adec42b45692c74fc9e2f1ac142816bf
Size

175KB
MD5

adec42b45692c74fc9e2f1ac142816bf
SHA1

702388af69f63e1e485736777a22ac9fa1ab7070
SHA256

e6678b311af957fa47f7dd609339ecf127f915405df7ae88a632c28581e56dc9
SHA512

11ce459e137972295f751e1842ca05d161b2c0c8c6469210e1e69cfd32411e969900be44bb860568e870a0d448d7db5fa7e16baee1dedb27f996d164f8e312a5
SSDEEP

3072:j05cdESsEW+1ljhnFLjZfIWG4Icq+EpHFca48B1KzVetHlCF4cLghKA3ghiSyBhk:jCcdESHW+JxGjctmal8qznLKwhiSyhYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adec42b45692c74fc9e2f1ac142816bf

Files

adec42b45692c74fc9e2f1ac142816bf
.exe windows:4 windows x86 arch:x86

fd5237d9cfa9dc2cb106276835784dd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
CloseHandle
GetStdHandle
DeleteAtom
GlobalFree
LocalSize
LoadLibraryExA
GlobalFindAtomA
RaiseException
GlobalUnlock
ExitThread
GetProfileStringA
GlobalAddAtomA
SetCommBreak
lstrcat
LoadResource
GlobalLock
VirtualAlloc
SetConsolePalette
GetProcessHeap
EnterCriticalSection

user32

GetClassInfoExA
CloseWindow
GetWindow
GetParent
GetFocus
IsIconic
GetDC
DrawEdge
GetActiveWindow
BeginPaint
EndPaint
GetClassNameA
ShowWindow
ReleaseDC
GetForegroundWindow
AlignRects
GetWindowTextA
ValidateRect
GetWindowTextLengthA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSAGetLastError
WSAStartup
WSASetBlockingHook

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ