Net-Worm[.]Win32[.]Allaple[.]b-fb70e74e8bbe4eb45cca156f57fd472f40b7c71f4557fd516804b2e6eb1000d6 | Triage

Sharing

General

Target

Net-Worm.Win32.Allaple.b-fb70e74e8bbe4eb45cca156f57fd472f40b7c71f4557fd516804b2e6eb1000d6
Size

119KB
MD5

2e6cf95c713950690fdc767fb4682f69
SHA1

e5083417b9ff8d22a0d59e7370d10eca5ce3c7b4
SHA256

fb70e74e8bbe4eb45cca156f57fd472f40b7c71f4557fd516804b2e6eb1000d6
SHA512

f792353e85c2ce71c38d4f1d5ed0aac303d117888e67ded4316542b3b847fa479fee21c34f5fab64c3ddeeea852e678103f04a40b17fe3643c63e70c2979b00c
SSDEEP

3072:saTUQQ3pafbItaCp/BUJu1EBByVy6kpxSFf:sTQqpaDQXp/uJu120Y6yGf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Net-Worm.Win32.Allaple.b-fb70e74e8bbe4eb45cca156f57fd472f40b7c71f4557fd516804b2e6eb1000d6

Files

Net-Worm.Win32.Allaple.b-fb70e74e8bbe4eb45cca156f57fd472f40b7c71f4557fd516804b2e6eb1000d6
.exe windows:4 windows x86 arch:x86

ac1442a62c547cbc0e9c82a8ac958d75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFirmwareEnvironmentVariableExW
GetUserDefaultLangID
GetThreadInformation
SetTermsrvAppInstallMode
GetCurrentPackageFullName
SortCloseHandle
DeactivateActCtxWorker
SetThreadpoolThreadMaximum
GetStringTypeA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE