1baa591cf52bc9bc162e93a7ffa7ca60313fa7e6d09a16431b536d63535c9dae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1baa591cf52bc9bc162e93a7ffa7ca60313fa7e6d09a16431b536d63535c9dae
Size

2.8MB
MD5

162c29e9df3daa065bb02956736d6a6e
SHA1

ef17a6071a3287f5b17c5138bc61d37f27501336
SHA256

1baa591cf52bc9bc162e93a7ffa7ca60313fa7e6d09a16431b536d63535c9dae
SHA512

845e6316a1022d02ab52e68d1b0a8576aa4d87ba060d25ef4a1171319d54d530bda1a9d1817579b65e5a3e86e7f4259720bae1b08dcce780a5dee839f2e0faba
SSDEEP

49152:+R8xiB9cxiFWG0+iOgO7uS4j/v34A3g6WOA1S15LTSM+NN:+WCjWCxMSQIS15PSpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1baa591cf52bc9bc162e93a7ffa7ca60313fa7e6d09a16431b536d63535c9dae

Files

1baa591cf52bc9bc162e93a7ffa7ca60313fa7e6d09a16431b536d63535c9dae
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.9MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mptgicrs
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bhvosmrx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE