1f9e6e0d64b7bb83db1778551a140226 | Triage

Sharing

General

Target

1f9e6e0d64b7bb83db1778551a140226
Size

146KB
MD5

1f9e6e0d64b7bb83db1778551a140226
SHA1

c06cc9b44689b3405b603b184d373bee18c13fb5
SHA256

53fa876a31ac17e85532b16808a9a099d741bb2af8059e133846079ae962777a
SHA512

c434cfd78367293d650667997c57550b60878c91c6993b33b225abb5150dbd98cc1ece0f34b7cad80f15fd15308d0f2bd2bb6c835a0dc8b76b85e2258155ca75
SSDEEP

3072:vvTjf9FNMLACw2fVkN9H1phNThgOcj1/gSeG:D79YhwYSfNThXAgDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f9e6e0d64b7bb83db1778551a140226

Files

1f9e6e0d64b7bb83db1778551a140226
.exe windows:4 windows x86 arch:x86

77e4611c2b2cbcc0b593168d1cdf1063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerBuffA

kernel32

CloseHandle
CreateFileA
EnumResourceNamesA
ExitProcess
FindResourceA
GetTempPathA
LoadResource
LockResource
SizeofResource
WriteFile
lstrcatA
lstrcpyA
lstrlenA

shell32

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE