a1a1a31f76cdd252da026ae0f9810220N[.]exe

General

Target

a1a1a31f76cdd252da026ae0f9810220N.exe
Size

214KB
MD5

a1a1a31f76cdd252da026ae0f9810220
SHA1

26ffaada6fd1afb00d84a95a578cdec1af1a1f48
SHA256

1f8949d55bc7c4faf8f84e8cc24b2eb560f9127bf03d146419add5a11de7f5f9
SHA512

d97ffdab571609b801c175e99cc9ee0eca8052bcd60e68b9dc8bfd68ab17852a06aa3505b14c2de54fa9aa33c570fccbcd7e6d41aa7608eaefc28dae671e4aa5
SSDEEP

6144:MsVslzvgHYm5YkckccbsbGAf0N/55eDq0gST:3+lgHYm5+AJ50/T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1a1a31f76cdd252da026ae0f9810220N.exe

Files

a1a1a31f76cdd252da026ae0f9810220N.exe
.exe .ps1 windows:5 windows x86 arch:x86 polyglot

cc6fca6cdd242e7c7ab6536a06f5e6c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

IsValidLocale
WideCharToMultiByte
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
GetLocalTime
SetUnhandledExceptionFilter
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcess
lstrcpyA
GetLocaleInfoA
GetVolumeInformationA
SetLastError
CloseHandle
HeapAlloc
MultiByteToWideChar
lstrcmpA
GetOEMCP
LoadLibraryW
lstrlenA
GetTickCount
FindResourceA
SystemTimeToFileTime
CreateFileA

scecli

SceCloseProfile
SceAppendSecurityProfileInfo
SceAnalyzeSystem
SceAddToObjectList
SceAddToNameStatusList
SceBrowseDatabaseTable

schannel

QueryContextAttributesA
QueryContextAttributesW
InitializeSecurityContextW
QuerySecurityPackageInfoW
QuerySecurityPackageInfoA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 7KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rcrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc6fca6cdd242e7c7ab6536a06f5e6c1

Headers

File Characteristics

Imports

advapi32

kernel32

scecli

schannel

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 90KB - Virtual size: 90KB

.odata Size: 512B - Virtual size: 512B

.jdata Size: 7KB - Virtual size: 1.5MB

.tls Size: 512B - Virtual size: 512B

.rcrc Size: 3KB - Virtual size: 3KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 90KB - Virtual size: 90KB

.odata
Size: 512B - Virtual size: 512B

.jdata
Size: 7KB - Virtual size: 1.5MB

.tls
Size: 512B - Virtual size: 512B

.rcrc
Size: 3KB - Virtual size: 3KB