Static task
static1
Behavioral task
behavioral1
Sample
1a04d03f818fbcc5f8ad601496e65c26.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1a04d03f818fbcc5f8ad601496e65c26.exe
Resource
win10v2004-20231215-en
General
Target: 1a04d03f818fbcc5f8ad601496e65c26
Size: 358KB
MD5: 1a04d03f818fbcc5f8ad601496e65c26
SHA1: 092f5c885ba35e7c918e53c03c3083e290c47d73
SHA256: 5f6483c0b5a4b745d8c1ee7734e4c7d8c9d7c598f4d9b5d3c780ac108692e15a
SHA512: d5cbcfa077672d78297f71c3224f2d6dc47052cd3abfa3662158113666d73e5abff0405f5dcd543325de1f1330e135c6f3739080e1fb4d87c742130e43aae811
SSDEEP: 6144:rIpa+8T66CugDk+Fy1sSuYbpuL4pdixLiB66:rIpa+8T66Jd+I1sSuGp9di9Y7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1a04d03f818fbcc5f8ad601496e65c26
Files
1a04d03f818fbcc5f8ad601496e65c26.exe windows:4 windows x86 arch:x86
65d3bdce97516a54c1b6d2e47898195b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
lstrcmpiA
ResumeThread
GetModuleHandleA
GetComputerNameA
ExitProcess
Sleep
ReleaseMutex
AddAtomA
CreateThread
TlsGetValue
DeleteCriticalSection
GetTickCount
GetLastError
VirtualProtect
SetEvent
PulseEvent
GetDiskFreeSpaceA
CloseHandle
SearchPathA
user32
EnableWindow
CloseWindow
CopyImage
CreateMenu
CreateWindowExA
CopyIcon
DispatchMessageA
DragDetect
GetMessageA
IsIconic
EndDialog
GetScrollBarInfo
DialogBoxParamA
GetKeyState
hlink
HlinkNavigate
HlinkResolveShortcut
HlinkTranslateURL
HlinkIsShortcut
HlinkClone
shell32
DragQueryFileA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ