b1a9c840defddb3597f820bb9966bfc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1a9c840defddb3597f820bb9966bfc3
Size

87KB
MD5

b1a9c840defddb3597f820bb9966bfc3
SHA1

69a87940e90bd88c01874f719059c975f4beb0db
SHA256

2d185f3c91f8738cd265f024528a068b9646c567a086c33641918f5b26944e08
SHA512

bb9f43a1a31945dde16f2e24c7b3eed7b3e1966c913585831480ee0959cb88df842c56c579c8d9ffc5540ba5fc1bf9eb0dc93e7f4edfb08f01b00dd6bfc944d5
SSDEEP

1536:tmbn1H9D+u+9spgfYJlVpmySyjn2p3Qy0ThKLz35AvL9wN0bIS+:tmL1Eu+ajpmyXn2GyWTD9hIS+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1a9c840defddb3597f820bb9966bfc3

Files

b1a9c840defddb3597f820bb9966bfc3
.exe windows:4 windows x86 arch:x86

0433a106b4a8a330f166ebe889e8d6ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalHandle
SetConsoleNlsMode
RtlMoveMemory
VerifyConsoleIoHandle
EnumLanguageGroupLocalesW
CreateProcessW
LocalUnlock
IsDebuggerPresent
SetFileValidData
ValidateLocale
GetConsoleCP

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE