1b98b017b4dd73d64f2eda63c7e3f279 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b98b017b4dd73d64f2eda63c7e3f279
Size

360KB
MD5

1b98b017b4dd73d64f2eda63c7e3f279
SHA1

b49b5a1dacc810ffb64cc0487be6428740db09b7
SHA256

a04ea6c96d278f6fa0c9b94c455bd985aae2a4176deeee3072b094ca2b8390d4
SHA512

f93a6024e4878e546ab4b78eea8a8615bf919c341cb0d36f8955c71ee739e5c8a4e720bdf79a2fbb700777c89a3bb85291e76e90d93910fce32620609a3bf42c
SSDEEP

6144:hCDwykcgQ0g1iUI9l64F8XDpcSQ1vXIaliU/XwbNxkeTdKkIDdjWk9PwBZBOnUc2:h/ybv0g/clF8D0FXIGicwbNb5dUPwZig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b98b017b4dd73d64f2eda63c7e3f279

Files

1b98b017b4dd73d64f2eda63c7e3f279
.exe windows:5 windows x86 arch:x86

37454d5e80b782baf5f6f8da82acd6d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
LeaveCriticalSection
CloseHandle
GetLastError
GetCurrentProcess
VirtualAlloc

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ