af5b1237eed1f05eec521da434643680N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af5b1237eed1f05eec521da434643680N.exe
Size

35KB
MD5

af5b1237eed1f05eec521da434643680
SHA1

32be6a1122a85eead34cc6827dd94b4e18b3eb0c
SHA256

2ddc477f37423249a57328557c0475c568ca7ba83e21c9b8c72e96328a3667ce
SHA512

c6b463150936e3c020d8f36c0088a8d1b486d2ee18d26594dcef744b4525f9ef10b8f09bda20417c608a7ef82ce6e6fa9bf968cdd38b429cee4138a0d566bd67
SSDEEP

384:vAIZcZWXog8AB1YpC944HeNrOb2X2VE7DL640/U47ELd+SZxsqCujNaWt:vjxogtP94DrR7DL640c4cCujNB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af5b1237eed1f05eec521da434643680N.exe

Files

af5b1237eed1f05eec521da434643680N.exe
.exe windows:5 windows x86 arch:x86

49e1aa4b247478da7e673f66b7586ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

LoadIconA

gdi32

TextOutA

msacm32

acmStreamOpen

imm32

ImmGetContext

Sections

.MPRESS1
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE