aabb4256ba2128bff2e2669e512fa2abad701d1d3297a89c83592d0391c27f6e[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

aabb4256ba2128bff2e2669e512fa2abad701d1d3297a89c83592d0391c27f6e.exe
Size

88KB
MD5

0736360fb0b318bb808586add1aecf00
SHA1

52fdd555d055aa054648a00112f84dae15434652
SHA256

aabb4256ba2128bff2e2669e512fa2abad701d1d3297a89c83592d0391c27f6e
SHA512

6ffc731dbf13e033bf6bec30927bab67ad7eae5f114e18d291ef0a645f2ddc20a706a04e52066c990aec7c395b717da52c9c125d1a943cba8b13f0d243e2e00e
SSDEEP

1536:lQfIasG6tkDqcBAACQgoalUq4Vp6ICxNFtPo4KiEQo:lwuG+wBAAQoE4Vp6x3tPo4KiEQo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aabb4256ba2128bff2e2669e512fa2abad701d1d3297a89c83592d0391c27f6e.exe

Files

aabb4256ba2128bff2e2669e512fa2abad701d1d3297a89c83592d0391c27f6e.exe
.exe windows:4 windows x86 arch:x86

147eed77e5bbb3ddec67079b524efd64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
SetStdHandle
LCMapStringA
LCMapStringW
FlushFileBuffers
CloseHandle
CreateFileA
SetEndOfFile
lstrcpyA
GetProfileIntA
GetProfileStringA
GetTickCount
WriteProfileStringA
Sleep
OutputDebugStringA
GetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
HeapFree
GetLastError
CreateDirectoryA
DeleteFileA
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
ReadFile

user32

MessageBoxA
DispatchMessageA
GetWindowLongA
MessageBeep
GetDlgItem
SetScrollRange
SetScrollPos
CheckDlgButton
SetDlgItemTextA
GetDlgItemTextA
PeekMessageA
PostMessageA
EndDialog
PostQuitMessage
DestroyWindow
SendMessageA
SetWindowPos
DefWindowProcA
DialogBoxParamA
InvalidateRect
SetWindowTextA
LoadCursorA
RegisterClassA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
GetClientRect
CreateDialogParamA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage

gdi32

GetStockObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

buicap32

ord57
ord97
ord16
ord17
ord118
ord49
ord51
ord50
ord14
ord79
ord12
ord109
ord121
ord87
ord88
ord37
ord52
ord86
ord29
ord58
ord56
ord9
ord39
ord200
ord48
ord21
ord20
ord4
ord67
ord3
ord8
ord34
ord22
ord116
ord2
ord45
ord30
ord19

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

147eed77e5bbb3ddec67079b524efd64

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

buicap32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 20KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 20KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 3KB