2aaa1fb42f1e7261f8a8cf2069da6ba0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aaa1fb42f1e7261f8a8cf2069da6ba0N.exe
Size

92KB
MD5

2aaa1fb42f1e7261f8a8cf2069da6ba0
SHA1

6afeed738c195338bac32846d09248e02567f346
SHA256

f5dda45071a29c265c7aa8bd1bcf8e55b623f6eb0d1287f4198c5d6c4f9413b6
SHA512

a677a887cc35f9db4bfd356093cdd7b8949c5f344b70e6a4f23ecdc05a576236df7f1beccbd72e3777e05872120c0e4326817fcd3d0c0b69ad66194d71455e47
SSDEEP

1536:L4rTil55w2RhdOFu4/r9mIpXIC6DvnnzOW4NexXPG8:L4Pmw2K79mICp4S/G8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aaa1fb42f1e7261f8a8cf2069da6ba0N.exe

Files

2aaa1fb42f1e7261f8a8cf2069da6ba0N.exe
.exe windows:1 windows x86 arch:x86

998d149c9e826a233457340f73261c2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
ExitProcess
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
GetWindowsDirectoryA
RemoveDirectoryA
ResumeThread
TerminateProcess
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA

user32

MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Sections

.data
Size: 77KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 879B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.file
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ