Net-Worm[.]Win32[.]Allaple[.]b-ed0e306cfa7968c4db274d7ba5c18c84823cd766e0e374c54fe650ba92a22ba4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Net-Worm.Win32.Allaple.b-ed0e306cfa7968c4db274d7ba5c18c84823cd766e0e374c54fe650ba92a22ba4
Size

119KB
MD5

4baef7c49e86f03c7501b75bce581172
SHA1

7bc79885eb0d97297be5178de9fa77bf8ce444dc
SHA256

ed0e306cfa7968c4db274d7ba5c18c84823cd766e0e374c54fe650ba92a22ba4
SHA512

aea8ffb307c00684867a3c76bd10f7cdeb3b80012ced0ee7f302304888e40f76c1cac3b07a6541e9b0919d3b652c6c20b911d7f104cdbf258c0ce4f75288e057
SSDEEP

3072:YS9snXpUTidTuMdP6SSpgiicmlbraSEk/BRO7q9wmtC:YS9s5UTATDflbuHkZR8q9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Net-Worm.Win32.Allaple.b-ed0e306cfa7968c4db274d7ba5c18c84823cd766e0e374c54fe650ba92a22ba4

Files

Net-Worm.Win32.Allaple.b-ed0e306cfa7968c4db274d7ba5c18c84823cd766e0e374c54fe650ba92a22ba4
.exe windows:4 windows x86 arch:x86

fec3d1cbb27b739f6c0c5481a07ad1b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileInformationByHandle
GetNumaHighestNodeNumber
lstrcmpW
SetFirmwareEnvironmentVariableExA
EnumResourceNamesA
GetPrivateProfileStructA
GetCurrentProcessorNumberEx
GetPrivateProfileStructW
RegEnumValueW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE