1f819e38262b6d4841f3bb908b3e950d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f819e38262b6d4841f3bb908b3e950d
Size

37KB
MD5

1f819e38262b6d4841f3bb908b3e950d
SHA1

5eb0e1623bc2dd6226b577c2bc3f41a9e349d1ae
SHA256

18ee82c4bc2f365d1e7d76ad946d9c00fe1cb863cdfcf8bc45997f83b7f73633
SHA512

44be09c629218e0c9208f28fa8f6c6144a3904fb136c93a93ae30b0b8e99fcdfe627d3023fd5fc7c2c8ee8592806d9487fb23ead8cd9e6a88f8a4a499ef085c0
SSDEEP

768:tikKxIHAOZdaTcAcSN/cCcE+m9ZR/9lBqts/+RDUv:Y3+dQJkrGks/sDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f819e38262b6d4841f3bb908b3e950d

Files

1f819e38262b6d4841f3bb908b3e950d
.exe windows:4 windows x86 arch:x86

1199dedc3de863adc3dfccd5a32051b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
ShowWindow
SetTimer
RegisterClassExA
PostQuitMessage
LoadImageA
UpdateWindow
LoadCursorA
KillTimer
GetMessageA
GetClientRect
EndPaint
DispatchMessageA
LoadIconA
DefWindowProcA
CreateWindowExA
BeginPaint

gdi32

SelectObject
GetObjectA
DeleteDC
CreateCompatibleDC
BitBlt

kernel32

SleepEx
OpenProcess
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
VirtualAlloc
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateThread
VirtualFree
FindNextFileA

shlwapi

StrStrIA

psapi

GetModuleFileNameExA
EnumProcessModules

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE