Static task: static1
Behavioral task: behavioral1
Sample: 1f6c44eddf20315e210a1d4b72e24550.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1f6c44eddf20315e210a1d4b72e24550.exe
Resource: win10v2004-20231215-en
General
Target: 1f6c44eddf20315e210a1d4b72e24550
Size: 177KB
MD5: 1f6c44eddf20315e210a1d4b72e24550
SHA1: 2a34c6809bd6297157b46b0c5da36440770a0c23
SHA256: 68309c1c7c91847ea800496b17ae3eafe675e2b61870363ee6ed098ab0a0fa58
SHA512: dcb786b5e4036b222b46874489087d8e5fb6142067cf85408f1b7ff344c40bd78fed07e8f41cb1af7f492d46550011652f4ce994b8fbf69a471a661f34b4dfc7
SSDEEP: 3072:IvqOONDQKkT0fTObD/w/EohiDBwVWkWoXNm6GEYEDQQ0k1tk1:IfOUK0UVXNm60fAHk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1f6c44eddf20315e210a1d4b72e24550
Files
1f6c44eddf20315e210a1d4b72e24550.exe windows:4 windows x86 arch:x86
5dff4140a01fbc9ed08b355612e473a1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetStdHandle
LoadLibraryExW
GetCalendarInfoW
CreateFileW
FindResourceExA
GetModuleHandleA
LockResource
LoadResource
HeapDestroy
GetVersionExA
LoadLibraryW
GetSystemTime
HeapAlloc
EnumResourceNamesA
CloseHandle
FindResourceA
LeaveCriticalSection
FindFirstFileW
SystemTimeToFileTime
GetProcessHeap
SizeofResource
WriteFile
HeapFree
lstrcpynW
TerminateProcess
Sections
.text Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ