Static task: static1
Behavioral task: behavioral1
  Sample: 1dab8aa897b6d76d4d39359c032c9493.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 1dab8aa897b6d76d4d39359c032c9493.exe
  Resource: win10v2004-20231215-en
General
Target: 1dab8aa897b6d76d4d39359c032c9493
Size: 40KB
MD5: 1dab8aa897b6d76d4d39359c032c9493
SHA1: bd1b02f8727ea38c1c4b250412015b83a2ea80a2
SHA256: e8243293ab1e538d6124d5e3109e6f1795bd91c15a93ae91ae86ea1ff96b4743
SHA512: 43cfb911ea626b84fccd615f2028fe3ac8434bccba5e426919438cbdc6a973539cde5df2fac9cba2502d2f2cf32b678ca60472b912a375a6fca97ea520d7b1af
SSDEEP: 384:9b3TOmywlnoAUrAxrpFjLhoBOrpFTkKrpFUMNB+GsN7bZDOzDkSTaJ:9bv1noXgrfsOrTZrdB+GsNM
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 1dab8aa897b6d76d4d39359c032c9493
Files
1dab8aa897b6d76d4d39359c032c9493.exe windows:4 windows x86 arch:x86
0cd774fb97ecf73cdbc3331a9e8d6bd0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
RtlUnwind
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
GetCurrentProcess
TerminateProcess
WinExec
lstrcmpiA
GetStringTypeA
Sleep
user32
CharNextA
SendMessageA
GetDesktopWindow
GetClassNameA
GetWindow
PostMessageA
GetParent
GetWindowLongA
ShowWindow
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 826B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ