1fea3c5ab215af0b2cbae2351015e7dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1fea3c5ab215af0b2cbae2351015e7dd
Size

251KB
MD5

1fea3c5ab215af0b2cbae2351015e7dd
SHA1

1bbaba784dc105a13da5b592d45266cc8fd84b82
SHA256

73ef23a36b8ca88c6b81604c2e15e5df4d38d5e93db7f1b084afd3e2a65d9cb0
SHA512

0d4934a497879bf0a21dc10540091da4ac3efb4b99d267da1f888f25f451cfdb8f04f54af0817ce9297f5d333729ad4b4e6eeb9b69a8233d09c229986a4dbd25
SSDEEP

6144:PRiRnt/gSIkeUzo6EcKff0oDoGyR3Osojv3bMtkW:PkRnt/sDUlEAGyR3OnjPbzW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fea3c5ab215af0b2cbae2351015e7dd

Files

1fea3c5ab215af0b2cbae2351015e7dd
.exe windows:4 windows x86 arch:x86

37e5b05962e4c7af6ef32c2331b5d02a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
GetThreadTimes
CancelWaitableTimer
ReleaseMutex
GetUserDefaultLangID
GetLargestConsoleWindowSize
VirtualAlloc
GetDefaultCommConfigW
GetConsoleCP
GetThreadPriority
SetEvent
IsDBCSLeadByte
GetOEMCP
TlsGetValue
AddAtomA
CompareStringA
CreateMutexA
GetThreadLocale
CreatePipe
TlsFree
GetModuleHandleA

user32

GetWindow
GetForegroundWindow
IsWindowVisible
GetSystemMetrics
GetClassNameA
ShowWindow
GetFocus
IsIconic
ReleaseDC
ReleaseDC
InvalidateRect
ValidateRect
GetActiveWindow
GetWindowTextA
GetClassInfoExA
RegisterClassA
CloseWindow
GetDC
GetWindowTextLengthA

tapi32

MMCSetLineInfo
MMCSetServerConfig
MMCInitialize
MMCSetPhoneInfo
MMCShutdown

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ