1e97b227a360ec1950f627c28fb19668 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e97b227a360ec1950f627c28fb19668
Size

7KB
MD5

1e97b227a360ec1950f627c28fb19668
SHA1

39a33e0648d0ce22a3c2618b737e8ec9f4fd26ab
SHA256

8bac01ebd4883c36f82d8c36e006a3aff17ca09068ce5130a2ab136b0209fe84
SHA512

f18b8aeb76021fc8a10df967d3aad327060252a9b8fc442f202f3e0fc94d9ee43c2c18474a761025a0c50196a81d1584a78657090e2ccd868f3fa098e783bbba
SSDEEP

192:cALZHYUbi2hcKFW6uelB6nnVciwbHicTj2P:cUHs0cKPcnPcP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e97b227a360ec1950f627c28fb19668

Files

1e97b227a360ec1950f627c28fb19668
.exe windows:1 windows x86 arch:x86

aa57ab958c5dfd47adbac79d9c490f1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ExitWindowsEx

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
Sleep
WriteFile
lstrcatA
lstrlenA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 931B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE