1cf6cbc5ca86c5c5d99befbae72858e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1cf6cbc5ca86c5c5d99befbae72858e1
Size

69KB
MD5

1cf6cbc5ca86c5c5d99befbae72858e1
SHA1

14b408f0ac76ac6f93ae95a416acbee0f3a51e12
SHA256

39495a28682309ea360572adb9fb5f5cea14881ebd6c3888aef03d07a2d4e69b
SHA512

8973442ebfa5fee37e17d5f0adedcd750ab5601ad5b0e03fe4c5f83465b99ca8d1de45c98f87a27c1cb0ed863df739ef3c7009d414e8f9c274015d57d04fd122
SSDEEP

1536:PrYJ8MjllkXL37rHlg0qc+UoM6cMlKJO+:EJf4Xb7rLl+Bczc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cf6cbc5ca86c5c5d99befbae72858e1

Files

1cf6cbc5ca86c5c5d99befbae72858e1
.exe windows:4 windows x86 arch:x86

0545e254390631d57e71e5bef03abce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FaultInIEFeature
GetClassFileOrMime
CoInternetParseUrl
ReleaseBindInfo
URLOpenStreamA

comctl32

ImageList_DragEnter
DrawInsert
ImageList_Remove

msvcrt

memcpy
memcmp
strstr
strlen
strcpy
memcpy
memcmp
strstr
strlen
strcpy

kernel32

CancelIo
EnumTimeFormatsW
ExitProcess
BackupRead
DuplicateHandle
CommConfigDialogW

Sections

.text
Size: 42KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE