Static task
static1
Behavioral task
behavioral1
Sample
3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e.exe
Resource
win10v2004-20240508-en
General
Target
3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e
Size
1.4MB
MD5
bbce3607755f9b6579fae6f62c4fec8d
SHA1
a9ca66965e480b5c5b36163cead558bf2ce131c5
SHA256
3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e
SHA512
15e2ca1e528a6565b2f799bf02b93072fc06601ee6ef746cff8b598cd5812e88611bfba259f8e446719e8c9fe9961d2a56331f7d720e2afa7461bd87ae0f4f6f
SSDEEP
24576:AKkNbmXA2zJLVzdOGiWhzKh/Mb4Gru+vDnezZ8f5pZF/XD6DaoIL:AKkvY9/iWIBtGzDezZSVT6DaoI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e
Files
3514ab906ada5fa92620132b2bab28af5380058d70646d1c58bb483eb7d4b52e.exe windows:4 windows x86 arch:x86
acea93b2f65ffd0f15f83fa287b04b46
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
cryptdll
MD5Update
CDLocateRng
rsaenh
CPEncrypt
CPGenKey
CPDecrypt
CPDeriveKey
kernel32
CreateNamedPipeA
GetPrivateProfileSectionW
CreateFileMappingA
VirtualProtect
GetDriveTypeA
GetNumberFormatW
HeapAlloc
GetDateFormatW
WriteConsoleW
GetModuleHandleA
HeapSize
GetTimeFormatW
ExitProcess
LoadLibraryExW
WaitForSingleObjectEx
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ