1cf99355cf164e731606bd8b17a4cb83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1cf99355cf164e731606bd8b17a4cb83
Size

879KB
MD5

1cf99355cf164e731606bd8b17a4cb83
SHA1

841b8ae5bc218c3cf7b9d5c633ad8e3d8fb30b5d
SHA256

51ea718702fbe26513304fcb7e37248eb835ac2c82027c7229c46380e33ba411
SHA512

6ac589ba7851e2750f2c2b1364a69d3ccf5a65ed1c7ebd0f897bb2302e5fc7a50e5321a5cdf05c0dba26863d5095ac0e72b44acb0e7a1e5d9cafe763f43cdfcd
SSDEEP

12288:eNCYZ2KhfGPP3X4c+tRAUIwm+cse+YrxpP6jab0S3qW4xhfhVYAaOxvbLjjCIas7:4C+26GHHW6wmqYz8abfqrxH5x1L6IE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cf99355cf164e731606bd8b17a4cb83

Files

1cf99355cf164e731606bd8b17a4cb83
.exe windows:4 windows x86 arch:x86

a1a9e44b9120795b2f4aa73584a5dfdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
WriteFile
GlobalSize
lstrlenA
GetConsoleTitleA
GetStartupInfoA
GetDriveTypeW
CloseHandle
GetModuleHandleA
GetModuleFileNameW
CloseHandle
HeapCreate
DeleteFileA
Sleep
GlobalFlags
DeviceIoControl
GetExitCodeProcess
GetTickCount
GetFileTime
GetCommandLineA

user32

DrawTextW
GetWindowLongW
DestroyMenu
FillRect
LoadImageA
BeginPaint
DispatchMessageA
DestroyWindow
DispatchMessageA
GetParent
IsZoomed
PeekMessageA
CallWindowProcW

dssec

DSEditSecurity
DSEditSecurity
DSEditSecurity
DSEditSecurity

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ