1bdd01212e98174dfac17df67bf0ff60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bdd01212e98174dfac17df67bf0ff60
Size

132KB
MD5

1bdd01212e98174dfac17df67bf0ff60
SHA1

cbc75d250706bd928e46af94819733ac04f85483
SHA256

8ae0f906805e55de26bd4f2159919b49a9008ae23a9c7ee3d1bec4df88ba9986
SHA512

b7d597053c6439d245508a1277ffab44ab89e4b3dadae4deee7500af169936813b1281b4cf3b73f5e3c4d87ed27dc765883a4a599e41b6f1745e4a5c05cf6a8c
SSDEEP

3072:JAm8VTGemcvo9iFuKLEdc2eeNJMZow1RkbR:J/SCeDvo9qN2eeNhb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bdd01212e98174dfac17df67bf0ff60

Files

1bdd01212e98174dfac17df67bf0ff60
.exe windows:4 windows x86 arch:x86

e96e51ebbcef7cb25f0031aade9b273e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
IsBadHugeWritePtr
lstrcmpiA
GenerateConsoleCtrlEvent
SetThreadIdealProcessor
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ