1d4dd63e41dee3013a9f3c17dcfaf893d6f0d6e734b58bdc904b4946d217e07c | Triage

Sharing

General

Target

1d4dd63e41dee3013a9f3c17dcfaf893d6f0d6e734b58bdc904b4946d217e07c
Size

135KB
MD5

c2f0cb4eadf1c6132ce14f2dae75c119
SHA1

3d46d53ec473c53277c41c4429b8b869f14456d6
SHA256

1d4dd63e41dee3013a9f3c17dcfaf893d6f0d6e734b58bdc904b4946d217e07c
SHA512

0bd0546941db556955e5ad879c2f6987bba3198fbebaeedb9204e8377b08d973a89891f0c8b4ecb1ad9a4e311416e30670d168ab9b1903baa0d1092a4e0624ec
SSDEEP

3072:nFOR79w75zI3HaPm1tXkpyYAmmgAGmFdYvQd2:FOR7+ZU2mXXsrKE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d4dd63e41dee3013a9f3c17dcfaf893d6f0d6e734b58bdc904b4946d217e07c

Files

1d4dd63e41dee3013a9f3c17dcfaf893d6f0d6e734b58bdc904b4946d217e07c
.exe windows:5 windows x86

ca7bed2d99db7f7db37cdb4a429a66e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ntdll

_wtoi

ole32

CreateStreamOnHGlobal

shlwapi

StrStrA

user32

wsprintfA

winhttp

WinHttpOpen

Sections

.vmp0
Size: 100KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE