1f5aa0b8068c2377152492886228e600 | Triage

Sharing

General

Target

1f5aa0b8068c2377152492886228e600
Size

75KB
MD5

1f5aa0b8068c2377152492886228e600
SHA1

c0c30101741771244c96fa679af55bd5c7a1f2b7
SHA256

c5ecb0c8cf931f01fcb88cef083eaecd9d547169204190047ac52a2e12556a46
SHA512

a9292a5e2a21abff444b5d866a1aa368058e79bd1cfac9dc3b0c936db2a5a12e6c91e5637ede356065dac1603137dcc67b2b8cfffc0b489c676bbe251ac4a012
SSDEEP

1536:FCo/Szjun0+0CEti8tmvmNB+JBPZo//uDqBRtDvl0ysialOO2EZgtvVqwMlGOfum:F5Dn6YDO7cLo/RNDvqKt7Mgt8plfXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f5aa0b8068c2377152492886228e600

Files

1f5aa0b8068c2377152492886228e600
.exe windows:4 windows x86 arch:x86

bfa59defe52e686d5f48503c3200f5bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenThread
CreateFileMappingW
DeleteTimerQueue
EnumCalendarInfoW
GetComputerNameExA
MoveFileW
GetVolumeNameForVolumeMountPointW
QueueUserWorkItem
ClearCommBreak
HeapCreateTagsW
FindActCtxSectionStringW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 61KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE