1f879050a68a878f2253cd2469dc91795e5ccecff560ce93cc5b40c14a5559a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f879050a68a878f2253cd2469dc91795e5ccecff560ce93cc5b40c14a5559a2
Size

8.7MB
MD5

29fc46075562b405931c258a43865d62
SHA1

6d2beda80789d99f6e214108b5e658f7a87b8681
SHA256

1f879050a68a878f2253cd2469dc91795e5ccecff560ce93cc5b40c14a5559a2
SHA512

68cbe2d24ab7afbf0df3e597a71d4ea5355fd8f3e5deca9912348dfe20003ba7a2442dcdcc9140622362c7ff611ef71eb7f66d3a443c9dae15a94664efae857c
SSDEEP

196608:dKz2QsAB6Pt9SkAa/tPewFa0atusLHoDar6jWOfwDjSxVg9Ec1:dTBa8MkXtPeYa0Wq2r6KOfmjSDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f879050a68a878f2253cd2469dc91795e5ccecff560ce93cc5b40c14a5559a2

Files

1f879050a68a878f2253cd2469dc91795e5ccecff560ce93cc5b40c14a5559a2
.exe windows:5 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

TMethodImplementationIntercept

Sections

Size: 7.8MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 980KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kuipynxg
Size: 790KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hunoskzp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE