1f7f25181a02770df4c5c1165757ca99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f7f25181a02770df4c5c1165757ca99
Size

637KB
MD5

1f7f25181a02770df4c5c1165757ca99
SHA1

09808d02e8f3c55be23f6fd9d97250830a13bd94
SHA256

0d833f75f2750bfaf8aca2c1942b48825c95c7361752a3f9ad33c848e7fe5d86
SHA512

f5c73145ab7e9e9ae21ccd031ea830424f84f51466b00181566489143f5a35fccae2c0915e7978b0aec0dfb53754e23c12d0fbd7f1b7342a26a21d0efbdbe596
SSDEEP

12288:ADi8qTUQ9r0wR2M2cx/QdsKmXvrgvzb17nRDoJ:AH0UQdx2Fcy+K0jwNLRD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f7f25181a02770df4c5c1165757ca99

Files

1f7f25181a02770df4c5c1165757ca99
.exe windows:4 windows x86 arch:x86

c345f03b3f7598edd20aca036060a312

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetCommandLineA
GetUserDefaultLCID
WaitForSingleObject
HeapCreate
IsDebuggerPresent
GlobalMemoryStatus
PeekConsoleInputA
GetModuleHandleA
ResumeThread
GetTapeStatus
GetCurrentProcessId
GlobalSize
InterlockedExchange
LoadLibraryA
FreeConsole
HeapDestroy
GetSystemTime
GetACP
GetOEMCP
GetTimeFormatA

user32

EndPaint
SetForegroundWindow
GetDC
GetParent
GetTitleBarInfo
BeginPaint
DragDetect
AnyPopup
ReleaseDC
FillRect
GetWindow
FrameRect
wsprintfA
DrawTextA
GetFocus
GetClassNameA
ShowWindow
GetCursorPos
CreateIcon

ntshrui

GetLocalPathFromNetResourceA
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
IsPathSharedA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ