1a38c254835f9fcae9eaee64301ff78c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a38c254835f9fcae9eaee64301ff78c
Size

448KB
MD5

1a38c254835f9fcae9eaee64301ff78c
SHA1

85eba330743939a5d93e7372296d571bcca76e9d
SHA256

29c9d4c67d1c2431e6dec86b611d620778b84aeb54235845245bd94671b67a08
SHA512

d44ca74623f1ae6a9391e37b8cded598a4b618327795b7b10c910d47995c9cb6749ba6cb7383b5fc71d925593e54dbd19afc7272cf2f4db91465d34bc9fcd3b0
SSDEEP

12288:Ek6lFSXvICyBNZ6Ic0GsvRKYL4Zdf+bZ:EuHyB369ORm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a38c254835f9fcae9eaee64301ff78c

Files

1a38c254835f9fcae9eaee64301ff78c
.exe windows:4 windows x86 arch:x86

25cf52a782d65fd97e24aac1c926bbe1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
OpenEventW
GetStartupInfoA
FindResourceExW
HeapDestroy
OpenThread
DeleteFileA
CloseHandle
HeapCreate
GetCommandLineW
ReleaseMutex
FindVolumeClose
WriteConsoleA
SetEvent
GetFileAttributesA
GetModuleHandleA
CloseHandle
ExitProcess
SuspendThread
GetEnvironmentVariableW

user32

PeekMessageA
GetKeyState
GetClassInfoA
CallWindowProcW
GetWindowLongA
FindWindowA
SetFocus
IsZoomed
GetSysColor
GetCaretPos
DispatchMessageA
DispatchMessageA
GetIconInfo

htui

HTUI_ColorAdjustment
HTUI_ColorAdjustment
HTUI_ColorAdjustment
HTUI_ColorAdjustment

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ