ae39342ba30c658ace32fbed5bccfbc3 | Triage

Sharing

General

Target

ae39342ba30c658ace32fbed5bccfbc3
Size

24KB
MD5

ae39342ba30c658ace32fbed5bccfbc3
SHA1

b32409b1609e472c5884456085057f7f5ddec44d
SHA256

2602805f7f1c65ea409939623923485eadcc2b1d0be5707b3324f9f6592e096d
SHA512

d2508765f38ca8d751d6bd30f1e7832f86e1f81822cb4c3d8feacca81aca47e5930b0ad83f04f09671655311430c2ea7130b3ee047a40c6374f61dee5c9fdd54
SSDEEP

384:DswXmGCmYjxFc4vuH467TduAn93XVzQYSD:DhjYrcB7NpnxSD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae39342ba30c658ace32fbed5bccfbc3

Files

ae39342ba30c658ace32fbed5bccfbc3
.exe windows:4 windows x86 arch:x86

5970c1b72f5069241c509d6c143953ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetExpandedNameA
TlsGetValue
BeginUpdateResourceA
VirtualAllocEx
EnumSystemLanguageGroupsA
SetErrorMode
GetExitCodeProcess
GetCommandLineA
GlobalUnlock
WritePrivateProfileStringA
ClearCommError
GetTempPathA
FindClose
GetVDMCurrentDirectories
GetConsoleWindow
GetDllDirectoryA
OpenEventA
GetComputerNameExA
GetPrivateProfileStructA
GetCurrentConsoleFont
GetFullPathNameA
TlsAlloc
GetEnvironmentStringsA
GetThreadSelectorEntry
GetVersion
Heap32ListFirst
GetThreadPriorityBoost
TerminateThread
GetSystemWindowsDirectoryA
GetProcessWorkingSetSize
_lwrite
DeleteTimerQueueEx
SetFileAttributesA
SetEndOfFile
QueryMemoryResourceNotification
GetThreadPriorityBoost
QueueUserAPC
HeapCreate
GetNumberOfConsoleMouseButtons
GetVolumeInformationA
WaitForSingleObject
CommConfigDialogA
GetPriorityClass
WinExec
PulseEvent
GetConsoleOutputCP
GetConsoleAliasesLengthA
GetStringTypeExA
Sleep

odbc32

SQLBindCol

Sections

.text
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ