aa49601e0830530be61d505bb1d14770b77033cdf011c3c681a04c46f0e81a55N | Triage

Sharing

General

Target

aa49601e0830530be61d505bb1d14770b77033cdf011c3c681a04c46f0e81a55N
Size

436KB
MD5

f63cc59610814292fd487d859d75c4a0
SHA1

50d062d518df9201e72e54a6f98e9436eb388b8b
SHA256

aa49601e0830530be61d505bb1d14770b77033cdf011c3c681a04c46f0e81a55
SHA512

eb30bf0cfe34c110e8a2b6abc192ccb9f9cca9312166c54732102b46bc47a2cf3424f401a7ad6bdbdcacc1ad2934a58a64000cfc9b52d6a417b493ebf7400b91
SSDEEP

12288:nlDzNwTWdB4fEBcjMAKfxTDyZ6MnfZm01q37quz+:nlKTgB+EKKJTDyo0hv1q37qj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa49601e0830530be61d505bb1d14770b77033cdf011c3c681a04c46f0e81a55N

Files

aa49601e0830530be61d505bb1d14770b77033cdf011c3c681a04c46f0e81a55N
.exe windows:5 windows x86 arch:x86

44e7af86d13bd689602e96dccc077d31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
lstrcatA
GetModuleHandleA
ExitProcess
MoveFileExA
WaitForSingleObject
GetModuleFileNameA

user32

CopyIcon
SetSystemCursor
LoadCursorA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE