1c9c9032285645e97305d3e28921d5de | Triage

Sharing

General

Target

1c9c9032285645e97305d3e28921d5de
Size

256KB
MD5

1c9c9032285645e97305d3e28921d5de
SHA1

ad26d8d7499a00153b37bcf697459bb3039f3561
SHA256

7e844d7940c98f0c38ef80135bbce80ebc8db5dc1a584b67caad3bbac0e1f760
SHA512

ba7dea2606526f5339129faa86608647d64f6ec9c6775634fbd31a0024ea3ce6a6558f7d1461067b3bc6456a649e20b6106eca199bf47f67b5cd25dd16d439ff
SSDEEP

6144:EYykl24UDkr8cAUJS6WH67T54LZ07M4M8NVbKgW:VykSDO8UJt8uTS90oGvbKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c9c9032285645e97305d3e28921d5de

Files

1c9c9032285645e97305d3e28921d5de
.exe windows:4 windows x86 arch:x86

48ae0cc262861eba4723cad29506eab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileA
GetWindowsDirectoryA
LoadLibraryW

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ