aff726d99a9cff161d09a4b3b8026d130594148cd2c3967f6f14d282a1bb9417 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aff726d99a9cff161d09a4b3b8026d130594148cd2c3967f6f14d282a1bb9417
Size

56KB
MD5

24840c8b28b48a028615a20260c5956e
SHA1

bab20d4e51abdad24b4fdc5d6b74c2bfea6d5e59
SHA256

aff726d99a9cff161d09a4b3b8026d130594148cd2c3967f6f14d282a1bb9417
SHA512

ba55e58d74a7ad0ea423501b5a480a9990cdd7460c931a4c4473fc3a8076634a40558019c6341a3b479957651f0fe7244fbd24cb51d95e319920e13a6261544c
SSDEEP

768:vDqYnMTOV5ZXO9o56McUyc8fHAl4MbPA9ScVOuuGMp0MZuaY:AOjXO2MMcUyc2XM89JuG8u/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff726d99a9cff161d09a4b3b8026d130594148cd2c3967f6f14d282a1bb9417

Files

aff726d99a9cff161d09a4b3b8026d130594148cd2c3967f6f14d282a1bb9417
.exe windows:5 windows x86 arch:x86

5038cc1d7d4ba6ce1ebcfec67b707138

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualFree
IsBadReadPtr
LoadLibraryA
SetLastError
ExitProcess
FreeLibrary
GetModuleHandleA

user32

MessageBoxIndirectA
SendMessageA
DialogBoxParamA
GetDlgItem
EndDialog
LoadIconA

comctl32

InitCommonControlsEx

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ