adc005d04cffc5f244798a4195ba4ac312841da62d3d4583f995fe5c26ce6991 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adc005d04cffc5f244798a4195ba4ac312841da62d3d4583f995fe5c26ce6991
Size

20KB
MD5

062b9c7bb7196d45bc41108951c4194e
SHA1

dfcbbfbef428aef88707efd85c6ca3e2343bb597
SHA256

adc005d04cffc5f244798a4195ba4ac312841da62d3d4583f995fe5c26ce6991
SHA512

e6da501cbcf54bc34e66ea139912ce1424d3f7305f0d3806c08f311110d209e9c16529751bc2bc0f492029ba892c0fa3b730c40e86e22f7fbb46d2175a4b5322
SSDEEP

384:zmJ3ZwOcfyL01GckDlJ/rbeKKfiJKit4BS7g0B+L4TKgmwg:zmJpClGLrbtK6Rt487g0g0TKtwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adc005d04cffc5f244798a4195ba4ac312841da62d3d4583f995fe5c26ce6991

Files

adc005d04cffc5f244798a4195ba4ac312841da62d3d4583f995fe5c26ce6991
.exe windows:4 windows x86 arch:x86

f0c0a52023ddf031f7d5cc1b2b52c624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
VirtualProtect
InitializeCriticalSection
GetModuleHandleA
HeapAlloc
GetProcessHeap
TerminateProcess
VirtualAllocEx
HeapFree
VirtualAlloc
lstrlenA
GetLastError
LockResource
lstrcpyA
SizeofResource
FindResourceA
WritePrivateProfileStringA
GetTempPathA
CloseHandle
WriteFile
SetFilePointer
ExitProcess
ReadFile
GetFileSize
CreateFileA
CopyFileA
GetModuleFileNameA
lstrcatA
GetProcAddress
LoadResource
LeaveCriticalSection

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

Exports

Exports

szFile

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 927B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ