1bee5114daf1f326d09dd98dc79825ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bee5114daf1f326d09dd98dc79825ee
Size

745KB
MD5

1bee5114daf1f326d09dd98dc79825ee
SHA1

526ce778499dafceb3524006b570dde1453fb972
SHA256

13eb3297abb202a910c1a5987e8a3a6bccd3e0f86ba3ab5a11b2abb60f5ff855
SHA512

fcfb0581d844fbc8e71d929705247703479379e32dd41ae0398b87a935e69fcede86803170cb8bad8154b82e906f1cf7500b27be3b1ba2d58926750b06110ac1
SSDEEP

12288:RU6R6HkYtWfofNGsBLg+xeC5NB0V+T/Pk1fvYnvqyTD/NQEaMgdiPVNIX:RjR6HvtWgfNG6Lg01NpPsfwnhD/NQZ6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bee5114daf1f326d09dd98dc79825ee

Files

1bee5114daf1f326d09dd98dc79825ee
.exe windows:4 windows x86 arch:x86

efe26be7ac06267407d7edd08a957db2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
ExitProcess
VirtualAlloc
DeleteFileW
GetModuleHandleA
SetLastError
GetCommandLineW
GetFileAttributesA
FindAtomW
SuspendThread
HeapSize
ReadFile
GetFileTime
CloseHandle
SetFileAttributesW
GetFileType
GetEnvironmentVariableW
Sleep
WaitForSingleObject
GetVersion
SetLastError
EnterCriticalSection
RemoveDirectoryA
CreateFileA
IsBadReadPtr

cryptui

CryptUIWizBuildCTL
LocalEnroll
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign
CryptUIDlgViewContext
DllRegisterServer
CryptUIDlgFreeCAContext
CryptUIDlgFreeCAContext
LocalEnrollNoDS
CryptUIWizExport
DllUnregisterServer
CryptUIDlgSelectStoreA
CryptUIWizImport

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ