aa1313df84438521bf5e60998e713d012dac50eb5e2f47c3ddb58406836fae6c | Triage

Sharing

General

Target

aa1313df84438521bf5e60998e713d012dac50eb5e2f47c3ddb58406836fae6c
Size

4.8MB
MD5

6a1c633150b9ddc7454274c37425356b
SHA1

efa850d5f97222db17922ed9968c3ddd5902c48a
SHA256

aa1313df84438521bf5e60998e713d012dac50eb5e2f47c3ddb58406836fae6c
SHA512

c698c050c65fabe7ab6ba7d36700df432c1465537618e796f8d3c59db007b0bd73ac1663bee3213f3d0b01ace7b382f9d861ddfcc4babf814cf42dfe60c428b7
SSDEEP

49152:25grItb5R9C3Jp0J1a/HVIlsILdSMz0xXhmg1yQnTRbeRZgCHI9qhRNjSRv7nZe:25rtt65+JqlILdBWxF9iqqhRNaZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa1313df84438521bf5e60998e713d012dac50eb5e2f47c3ddb58406836fae6c

Files

aa1313df84438521bf5e60998e713d012dac50eb5e2f47c3ddb58406836fae6c
.exe windows:4 windows x86 arch:x86

e8631559eeafbbbfb46576e4e8570b7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

GetModuleHandleA

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 732KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ