1578510ff6e1fd26714c10b978cf44cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1578510ff6e1fd26714c10b978cf44cf
Size

58KB
MD5

1578510ff6e1fd26714c10b978cf44cf
SHA1

751755f98da57dacef2893d57f98f41e019b4656
SHA256

7f912713c28a9bd40d66f99ca3f22d607b8698f11738a96d81f604b06c51443b
SHA512

ca4c37c1e63a79abfd7069f291f18236a5d24426d30389ab042a6402b7d54da53f6300d94a0c546ff0ca1777d22ebad3fc7466aefd0b1c29d2570b33facebed2
SSDEEP

1536:A92Wu3EaXYGIVTgVgeG3MCLrlZETKFRFLz:AEFrKvFrl/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1578510ff6e1fd26714c10b978cf44cf

Files

1578510ff6e1fd26714c10b978cf44cf
.exe windows:4 windows x86 arch:x86

90d83faf33ba371e440679abc840d2bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapSize
EnterCriticalSection
WaitForSingleObject
IsBadReadPtr
CloseHandle
VirtualAlloc
GetFileSize
SetLastError
DeleteAtom
CreateFileA
SetLastError
FindAtomW
SuspendThread
ExitProcess
GetEnvironmentVariableA
GetStdHandle
SetFileAttributesW
GetFileAttributesA
ReadFile
GetCurrentDirectoryA
GetModuleHandleA
GetVersion
DeleteFileA
SetEndOfFile

cryptui

WizardFree
WizardFree
LocalEnroll
CryptUIWizDigitalSign
CryptUIWizExport
LocalEnrollNoDS
CryptUIWizBuildCTL
CryptUIStartCertMgr
CryptUIDlgFreeCAContext
DllUnregisterServer
CryptUIWizImport
CryptUIDlgViewContext
DllRegisterServer

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ