Static task
static1
Behavioral task
behavioral1
Sample
a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6.exe
Resource
win10v2004-20240611-en
General
-
Target
a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6
-
Size
589KB
-
MD5
941beafca7401ad4c872a897ffe5cc36
-
SHA1
82c0858b7c89370419e5a59c26047018b57a0a35
-
SHA256
a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6
-
SHA512
d9f15f6ff9af0338d039402847068546baf00d7506e53e2030579fe6780745f664417bb9e1b84484c24b160d907e0dd77485c07e44510ea6d75382786058e95d
-
SSDEEP
12288:MByuIw5R/atvboVLYVu9o6SSXRFJYAoIzvUPYTQd5aJ:MwuIFbI9oQFWArGs
Malware Config
Signatures
-
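Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the resource listed below has none. On its own this is a weak indicator, since many legitimate executables are also unsigned.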
resource a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6
Files
-
a2aa66b8d5b91dea488c4544c1795fef135404fcd4bd5303ed9811efa74b7dc6.exe windows:4 windows x86 arch:x86
1b67e66b19092e4bb9115bf2384895e7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
mfc42
ord818
msvcrt
__set_app_type
user32
ShowWindow
gdi32
GetTextExtentPoint32W
comdlg32
GetSaveFileNameA
advapi32
RegCreateKeyExA
shell32
ShellExecuteA
ole32
CoUninitialize
olepro32
ord251
oleaut32
VariantInit
winmm
timeGetTime
wininet
InternetWriteFile
d3d9
Direct3DCreate9
dsound
ord11
dinput8
DirectInput8Create
ws2_32
connect
Sections
.text Size: 576KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE