ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a | Triage

Sharing

General

Target

ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
Size

57KB
MD5

2ac400de0145dd620833ce652b43c464
SHA1

167e29363266f1de568c2d7dcaf744534f5842fc
SHA256

ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
SHA512

84b405d83e449f4b9ade212cceac82ce5756a83fe8e85c61ac68e28af4aa07d29c99e6fafd74be8dfba04fa6710ad23b28422fae1056c382931ae49f72711946
SSDEEP

768:v+xAURMDKRji3xVfIs3rtC5bdFrCZa2fCOoj5ZuLHXMZLXPJHPLk182440yqspTb:vCWDKUlsCZD1mh8txVQnlRIlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a

Files

ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
.exe windows:4 windows x86 arch:x86

cc40fefa3af5cd00cc28dbd874038a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
DeleteFileW
ExitProcess
GetComputerNameW
GetCurrentDirectoryW
GetFileSize
GetModuleFileNameW
GetTempPathW
GetVersionExW
ReadFile
WriteFile
lstrlenW
lstrcmpW
SleepEx
VirtualAlloc

wininet

HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetReadFile

shell32

ShellExecuteW

ntdll

RtlDecompressBuffer
swprintf

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ