Static task: static1
Behavioral task: behavioral1 (Sample: 1d6e351d1f1b5addab2f750d505ab308.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: 1d6e351d1f1b5addab2f750d505ab308.exe, Resource: win10v2004-20231222-en)
General
Target: 1d6e351d1f1b5addab2f750d505ab308
Size: 116KB
MD5: 1d6e351d1f1b5addab2f750d505ab308
SHA1: 838113a6490b7c0f10a7353de6eb4965b9b4cda2
SHA256: 11c82e31b10273ad251ff07fd16db50c0fa231a863d9dad84130e9cb4ae3da7b
SHA512: 8d595c996cf3b9f5fae666306cc1f2f2acf43ce9006bec196024488c53b8f53146bb696f276ea87f56168eab806ec156c8029745d841d5951d2fae6b0b84cea1
SSDEEP: 1536:/UlaOeSyFMHatP1pw1JqcoyJ0b1ViS0Nk+9zNGg9tm88XaiGAs3Ii8Xm1ICgj0j0:8lSMHc1ZDIGiPB9UFXaiGc4ICgj0WPJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1d6e351d1f1b5addab2f750d505ab308
Files
1d6e351d1f1b5addab2f750d505ab308.exe windows:4 windows x86 arch:x86
b2b40541555beaaf8da00c602b8b7b68
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetSystemMetrics
CharNextA
TranslateMessage
GetDC
GetParent
GetDesktopWindow
kernel32
QueryPerformanceCounter
RemoveDirectoryW
GetWindowsDirectoryA
FindClose
lstrcmpiW
RemoveDirectoryA
GlobalFindAtomA
lstrcmpiA
lstrlenA
lstrcmpA
lstrlenW
GetSystemTime
CopyFileA
GetCommandLineA
DeleteFileA
VirtualAlloc
GetModuleHandleA
VirtualFree
gdi32
SetStretchBltMode
LineTo
SetTextColor
CreateCompatibleDC
SelectPalette
GetObjectA
GetClipBox
CreatePalette
RectVisible
GetTextMetricsA
CreateSolidBrush
RestoreDC
SelectObject
GetPixel
GetDeviceCaps
SetMapMode
DeleteDC
GetStockObject
SetTextAlign
SaveDC
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ