1f5f5ca9c9fca84139b5c019d25e7110 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f5f5ca9c9fca84139b5c019d25e7110
Size

40KB
MD5

1f5f5ca9c9fca84139b5c019d25e7110
SHA1

f07e986eaacfe63dedf1e6dc593da989234dea4e
SHA256

3c686ad0a73b61da0cb7839066f60815429ed0fed744eb9477989eeb5f621f16
SHA512

5e9c7150af1c1495bf6fb77c925e784d659e6e5faef68d5f772309f14dc6a2bd6f540725514a988738f46fbb4358b8d3f56a339673439dfeb482ec86448434ea
SSDEEP

768:jlbdc77ocACv1AEgiVyBP+FAjV82W6d4ZnFuheEnZ93noXav8Askuxc:jlbdk7MIdgyy8mhYgiu8EnLXoE8Xku2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f5f5ca9c9fca84139b5c019d25e7110

Files

1f5f5ca9c9fca84139b5c019d25e7110
.exe windows:4 windows x86 arch:x86

911b33f58c832e86477e766e1f1e2791

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateIoCompletionPort
ExitProcess
GetPrivateProfileIntW
IsValidLocale
SetComputerNameW
WriteFileGather

advapi32

CryptDestroyHash
CryptDuplicateHash
OpenSCManagerW
PrivilegeCheck
RegEnumKeyW
RegSetValueW
SetEntriesInAclA
SetTokenInformation

user32

AlignRects
AttachThreadInput
ChangeMenuA
CharToOemW
CloseClipboard
DrawFrameControl
DrawTextExW
GetMessagePos
GetUserObjectSecurity
GetWindowRgn
SendDlgItemMessageW
SetMenuItemInfoW
SetProcessWindowStation
SetWindowContextHelpId
UnhookWindowsHook

shell32

Control_FillCache_RunDLLW
FindExecutableA
PrintersGetCommand_RunDLLW
SHBrowseForFolder
SHGetSpecialFolderPathA
SHHelpShortcuts_RunDLLA
SHQueryRecycleBinA
SHUpdateRecycleBinIcon
SheGetDirA
SheGetDirExW
SheGetDirW
SheSetCurDrive
ShellAboutA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE