1d164dd816ef203b377126e41e7ff918 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d164dd816ef203b377126e41e7ff918
Size

358KB
MD5

1d164dd816ef203b377126e41e7ff918
SHA1

adb35b9ab4500451b70ea4c04e2ef4b41c09daaf
SHA256

bbc9f5bff4e0d25e76c46c02222285cfa9a6b504d85a64212c4179c54f937f77
SHA512

1f799089c8894b1ddf3e410d6a50a2cb119673eae3190af82fc273d67b763bfeba4e91a54dd8bacb5196ac19f1cf90e7a50bd60af5dd41e7adae2b71bbf8eaf7
SSDEEP

6144:P04smvkh2wB+61LBOGeSsQteetllEF7Cs1RHi4jOW2COGXclc8penaeG:s4smvkhLTLB3vsWPvEF7j12GMQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d164dd816ef203b377126e41e7ff918

Files

1d164dd816ef203b377126e41e7ff918
.exe windows:4 windows x86 arch:x86

4d34258b947c859af62690bf804ff7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CloseHandle
Sleep
GetDiskFreeSpaceA
ExitProcess
GetModuleHandleA
lstrlenA
CreateThread
AddAtomA
SetEvent
VirtualProtect
ReleaseMutex
FindResourceExA
DeleteCriticalSection
GetLastError
SearchPathA
GetConsoleFontSize
GetTickCount
TlsGetValue
FindVolumeClose

user32

GetKeyState
CreateMenu
EndDialog
CopyImage
GetMessageA
DialogBoxParamA
DispatchMessageA
CreateWindowExA
EnableWindow
GetScrollBarInfo
DragDetect
CloseWindow
IsIconic
CopyIcon

wshbth

WSHIoctl
WSHOpenSocket2
WSHJoinLeaf
WSHNotify
NSPStartup

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ