Static task: static1
Behavioral task: behavioral1
Sample: 1ceee9da78e44cc13de54db0b0ec1349.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1ceee9da78e44cc13de54db0b0ec1349.exe
Resource: win10v2004-20231215-en
General
Target: 1ceee9da78e44cc13de54db0b0ec1349
Size: 39KB
MD5: 1ceee9da78e44cc13de54db0b0ec1349
SHA1: 9c9651805da5b05ea6805ae2cbb541f799815555
SHA256: 987bc4fdb5f7475e81609200ad6cbdcb4378c36fc035f58e4eecc606c9ea2bd9
SHA512: 00e3a5963d17bd2d6ea860328f73de57ebbdc91c0d6269a4b7fccd6e730a5c9a92782362f84d3af651b8e2e114c139a812966b5b86a6182516755444674d28f2
SSDEEP: 768:8uJNmiD+Aj8PTZcq5VACMKntPNF75trlJPvB5ms:Vj8AjZq5VA+VNRrt5ms
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ceee9da78e44cc13de54db0b0ec1349
Files
1ceee9da78e44cc13de54db0b0ec1349.exe windows:4 windows x86 arch:x86
f3bc2b6c97a4b4bcc111e4fc6bdd37b5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
HeapCreate
IsBadReadPtr
RaiseException
ReadProcessMemory
CreateFileMappingA
msvcrt
_exit
free
malloc
realloc
wcscmp
_wcsicmp
user32
BeginPaint
GetMessageA
GetUpdateRgn
PeekMessageA
SendMessageTimeoutA
TrackPopupMenu
CheckMenuItem
DestroyWindow
SetCursor
oleaut32
RevokeActiveObject
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroy
SysReAllocString
RegisterTypeLi
shlwapi
PathCombineA
PathBuildRootA
PathAppendA
PathFileExistsA
SHDeleteValueA
SHQueryInfoKeyA
StrSpnA
StrStrA
StrToIntA
SHDeleteKeyA
Sections
.text Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ