ae21bb32f8d8e204a0e281f9ca895b6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae21bb32f8d8e204a0e281f9ca895b6f
Size

46KB
MD5

ae21bb32f8d8e204a0e281f9ca895b6f
SHA1

db09020ab30fc0148d35fc1b2983db1a6ecf3a34
SHA256

37930917a7fef303259447d003b1b24eeb4f93276cbbd9487ea4565aa89baa81
SHA512

df5dfa1b94e7c73f44946e3584e5f0e72c0c55f181c0a1fd6504908948a0dcf70c795dcc1fa0d99680453e81ecc000235338be72104ada9d4b957171c8625b9b
SSDEEP

768:+iKlO1sAIb/ykIyYH/E6JYBTl0XcaOPEFI/q6DpnxGf4G+cKYCYyKJ7aoeq:+G+AqxIf/JYBSXyPEO/LDzG2YCJYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae21bb32f8d8e204a0e281f9ca895b6f

Files

ae21bb32f8d8e204a0e281f9ca895b6f
.exe windows:4 windows x86 arch:x86

35f1b2117b73642c37cfda18a7a172dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW

ntdll

RtlDosSearchPath_Ustr
RtlDeleteAtomFromAtomTable
RtlAppendStringToString
RtlFreeAnsiString
RtlQueryTimeZoneInformation
RtlUpperChar
RtlpNtEnumerateSubKey
RtlDuplicateUnicodeString

user32

LoadBitmapA
GetWindowRgnBox
SetUserObjectInformationW

gdi32

SetTextJustification
SetROP2
SetPixelV
SetMetaRgn
SetMapperFlags
SetDCPenColor
RestoreDC
RemoveFontResourceExW
RemoveFontResourceA
Pie
IntersectClipRect
GetPolyFillMode
GetPixel
GetNearestPaletteIndex
GetFontData
GetDCPenColor
GetCurrentObject
GetBitmapBits
AbortPath
CombineRgn
CreateDIBPatternBrush
Ellipse
FillRgn

msimg32

AlphaBlend

dinput

DirectInputCreateW

rasapi32

RasGetAutodialEnableW

cabinet

DllGetVersion

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE