ab92c0d4e34f46675d5fd9523607dc06d5069df1bcd34297f587d6e096e2631c[.]exe | Triage

Sharing

General

Target

ab92c0d4e34f46675d5fd9523607dc06d5069df1bcd34297f587d6e096e2631c.exe
Size

25KB
MD5

3a4bfee2cc3c8666577778774a382d20
SHA1

39554f637885d55103d0e226526940a00ef5eef2
SHA256

ab92c0d4e34f46675d5fd9523607dc06d5069df1bcd34297f587d6e096e2631c
SHA512

1887f2bf254745074efbe4415757f06d1fa1e52dd72cbba6a4f62d95a1bc12c48a15a0aab629a0fa0e73965166e080779d89c4a33fba4e23c7fd8c7a2733fa89
SSDEEP

768:4NBsUaJOJNbQGPL4vzZq2o9W7GsxBbPr:C6U6OzcGCq2iW7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab92c0d4e34f46675d5fd9523607dc06d5069df1bcd34297f587d6e096e2631c.exe

Files

ab92c0d4e34f46675d5fd9523607dc06d5069df1bcd34297f587d6e096e2631c.exe
.exe windows:5 windows x86 arch:x86

2eeb9e4f6cd432901b60b83fbf9f02cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
ExitProcess
WaitForSingleObject
SetUnhandledExceptionFilter
SetErrorMode
CloseHandle
GetCurrentProcess
CreateThread
TerminateProcess
VirtualProtect
GetModuleHandleW
GetCurrentThreadId
GetTickCount
lstrcpyW
lstrlenW
GetProcAddress

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

user32

wsprintfW

Sections

.verif
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bin
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�_ՙ�u5
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE