1db158a7b36bafdf56b1f9b91942b73c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1db158a7b36bafdf56b1f9b91942b73c
Size

51KB
MD5

1db158a7b36bafdf56b1f9b91942b73c
SHA1

1bd1e916bcc1a06169cc1329a686f9c20a54bd22
SHA256

c9cd2031b9c94865283da647b8ddb8dfabd4e3d18db90d156095c2f1802ca346
SHA512

aee3e0bd7f9be66df7abb9217167bceba2dc6ca045668e0b66af2617ccc88254a7cafe960775e90fa4f996593a3a1efad49bf6a9c473108cc9aec0d239c1715d
SSDEEP

1536:b/b+BOqW7Hba2UaneZEOcRPlbgHxO6dd6JLu5:b/wOlnaTSJRNbYx+U5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1db158a7b36bafdf56b1f9b91942b73c

Files

1db158a7b36bafdf56b1f9b91942b73c
.exe windows:5 windows x86 arch:x86

6548b126eac569e32d21bb6d926f34a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptHashData
GetUserNameW
RegCreateKeyExA
RegSetValueExA

shlwapi

PathMatchSpecW
StrCmpNIA
StrCmpNIW
StrStrW
wvnsprintfW

user32

CloseWindowStation
GetClipboardData
GetDlgItem
GetForegroundWindow
GetIconInfo
GetMenuItemID
GetMessageA
GetWindowTextA
GetWindowThreadProcessId
SetThreadDesktop

Sections

.xgxef
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vytop
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyf
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ