1f5a60d084cf41aad5f6a252f9de7f10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f5a60d084cf41aad5f6a252f9de7f10
Size

63KB
MD5

1f5a60d084cf41aad5f6a252f9de7f10
SHA1

3531f530a60d0e26acfcffce420168294cac3e3e
SHA256

180c3b255008f91997544064ad759bfe3f81028ecd5f3b57491c9f3aa21a145d
SHA512

a529b58c906f69e48dc8ca58a67753d2031b7d3785ce7e5102bd8fdf01715c5b94a8bf33a71a21e94b3ce156d0b7ebbe75f5fb492f7416f788a2d3fcfbf3b5a8
SSDEEP

1536:1d0XQHyp9L99XjBNwpj5cB++5LFqtha4s3xseLZa2q:H0XRp9hREtSA4L4tEXxseLM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f5a60d084cf41aad5f6a252f9de7f10

Files

1f5a60d084cf41aad5f6a252f9de7f10
.exe windows:4 windows x86 arch:x86

f9fa11be15c1f8526d21856114d1339c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
CreateFileMappingA
VirtualQueryEx
GetConsoleAliasExesLengthW
GlobalSize
HeapUnlock
CreateDirectoryExA
QueryPerformanceFrequency
SetCriticalSectionSpinCount
DebugActiveProcess
IsBadReadPtr

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE