aa878e6b0467cfb9e1083e42c3bfd6f249720d0ec9dd8728ca56a7e8c0a7cb04 | Triage

Sharing

General

Target

aa878e6b0467cfb9e1083e42c3bfd6f249720d0ec9dd8728ca56a7e8c0a7cb04
Size

56KB
MD5

728e5f362905836421b30adf84e934da
SHA1

af95e0a7da3f2cee2f5255ddf93a1bfe6b597e3d
SHA256

aa878e6b0467cfb9e1083e42c3bfd6f249720d0ec9dd8728ca56a7e8c0a7cb04
SHA512

63f2240d147b5c3bf3df3a74107fdbc9fea73696fa58b406b558d87159614c6f38ce146a2c7771f43784a138706d44896e0711268c14821acd840d1fcfba5426
SSDEEP

768:2KAnDA0ASBOXfqhCZmgP7Yion2ji4fcNDwTt7j9zqtI91087HTiOgT+BEZQZZjup:ZShSMIci82rfc5wxZ+t87HmAOQx/m8e1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa878e6b0467cfb9e1083e42c3bfd6f249720d0ec9dd8728ca56a7e8c0a7cb04

Files

aa878e6b0467cfb9e1083e42c3bfd6f249720d0ec9dd8728ca56a7e8c0a7cb04
.exe windows:4 windows x86 arch:x86

6eb223bf214eab0bf93cb8afada85b8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
RegisterWaitForInputIdle
InterlockedDecrement
SetSearchPathMode
LocateXStateFeature
GetProfileSectionW
BaseIsDosApplication
GetOverlappedResultEx
ZombifyActCtx
CloseConsoleHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE