Static task: static1
Behavioral task: behavioral1
Sample: 1254b783caa1fdbc4bb4372d119626f3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1254b783caa1fdbc4bb4372d119626f3.exe
Resource: win10v2004-20231222-en
General
Target: 1254b783caa1fdbc4bb4372d119626f3
Size: 61KB
MD5: 1254b783caa1fdbc4bb4372d119626f3
SHA1: 08ace31343080dcd12e83daf23ed21893fc33a66
SHA256: 51a8e2f6b64b4e09ebb55068e20fe9baa48345bfa683bc9c51927c35faf54632
SHA512: 75d1daf1930161fcc7ad351e72e0ff9570805e9d0e3b01b251779d0857a00f69a2e0b8b8e80cd15cf42f2dc53d5f1ba9d8e705f914612e373ccf102102fd8939
SSDEEP: 1536:ZDqyhyJazTCuiwrDtdaRKdT7OSqrnF/E0mc:5zTCuHvawt7OSu62
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1254b783caa1fdbc4bb4372d119626f3
Files
1254b783caa1fdbc4bb4372d119626f3.exe windows:4 windows x86 arch:x86
1a929592a80e54a076027bdd6a686f67
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
FindVolumeClose
SearchPathA
GetModuleHandleA
DeleteCriticalSection
ExitProcess
GetTickCount
FindResourceExA
GetDiskFreeSpaceA
ReleaseMutex
SetEvent
GetConsoleFontSize
HeapDestroy
TlsGetValue
VirtualProtect
CloseHandle
AddAtomA
GetLastError
CreateThread
lstrlenA
user32
EnableWindow
DispatchMessageA
EndDialog
GetKeyState
DragDetect
GetScrollBarInfo
IsIconic
CreateMenu
GetMessageA
CloseWindow
CreateWindowExA
CopyIcon
CopyImage
DialogBoxParamA
wshbth
WSHJoinLeaf
WSHIoctl
WSHOpenSocket2
NSPStartup
WSHNotify
shell32
FreeIconList
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ