1e61d5be834ad4b1314fea06348fe293 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e61d5be834ad4b1314fea06348fe293
Size

39KB
MD5

1e61d5be834ad4b1314fea06348fe293
SHA1

13f0a7ab7304a8ee9ac6a5cabccf2bdcf6ed42f4
SHA256

b53924498b2f407053011498dfbde73544f2e316625d306624e646a5eb1d3a6c
SHA512

ac08db2a2c331017800fa138e70365794ffffe8e9b40b3fbe6e2b89f9f21eab8cf3a9b054db47501d62e5d2d08b0691152927d664d9bb6d514da163b5d850e26
SSDEEP

384:yZZr/OSIT7cS9vX9yUQkWUx9evpml3AoFQyo5pSD6CxdvTVYupLoIz:yDr2Si7cMX9wkWw9pQjenv6upLoI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e61d5be834ad4b1314fea06348fe293

Files

1e61d5be834ad4b1314fea06348fe293
.exe windows:4 windows x86 arch:x86

18be915c7a77fa948c1fe3989841c5cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
SetServiceStatus

kernel32

FlushFileBuffers
HeapFree
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
GetFileAttributesA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE