1a5bf98aefdace038c0cd385db07adf2 | Triage

Sharing

General

Target

1a5bf98aefdace038c0cd385db07adf2
Size

100KB
MD5

1a5bf98aefdace038c0cd385db07adf2
SHA1

448963b266b2418943bc351465a84cf8345247bf
SHA256

bd62e81d4ab4d4771d639538e0cee22080e2395361b842414e43db721ac6cdf1
SHA512

9a8eddd6c97cdfcd84aac758be19bce1710ae6d9a74d7e15df31186155b37daf93a0cad086eb90f917637234abb6df924f89786d74a74db626d2553bf7ece45e
SSDEEP

1536:cGncNitSNrJfq/T0ay07w2LE44tTTk6zXoJ7w1ReXS2DwL5Pt:cOcTrhsQt00BX86zXoJ7w1UXD8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a5bf98aefdace038c0cd385db07adf2

Files

1a5bf98aefdace038c0cd385db07adf2
.exe windows:4 windows x86 arch:x86

b6ad82da1da7870f5ca3c51cc01fdca1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableW
SetEvent
WaitForSingleObject
CreateMutexA
RemoveDirectoryA
DeleteFileA
GetStdHandle
GetFileAttributesA
ExitProcess
GetTickCount
HeapSize
GetCommandLineW
ResetEvent
GetStartupInfoW
SetLastError
VirtualAllocEx
CreateFileA
FindClose
GetModuleHandleA
CloseHandle
OpenProcess

user32

DispatchMessageW
FindWindowW
MessageBoxA
GetWindowLongA
GetDC
PeekMessageA
CallWindowProcW
GetDC
GetDC
FillRect
GetClassInfoA
GetSysColor
DispatchMessageW

perfctrs

CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData
CloseNbfPerformanceData

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ