1f285bef45f98c2989ff52123f6925e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f285bef45f98c2989ff52123f6925e1
Size

40KB
MD5

1f285bef45f98c2989ff52123f6925e1
SHA1

1e1641c288db3fa25a5963572efb895de104eb0d
SHA256

37027e05b35c69dd47a69b5aef19372e48bad870fcc65529d501cf6c276f5330
SHA512

2e94d6dfd6e5b36911731417f58f34b165adba6062315cdf88e88f42a773fe564e5dc457c33febd20379017c570bfc91325c10bbea866bd0839920e1ca4b66ef
SSDEEP

768:SGTiINTPOXbpe5sB0AvjPP2LF67nSZgvVRFBO6u4ZydvIwQueNHc:rTiATPOXbksBXX26nS0DDu4ZylIwNEHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f285bef45f98c2989ff52123f6925e1

Files

1f285bef45f98c2989ff52123f6925e1
.exe windows:4 windows x86 arch:x86

fa9769a291cc8bfc52a1e15dcdcb1180

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExW
GlobalMemoryStatusEx
EnumLanguageGroupLocalesA
EnumResourceLanguagesA
FlushConsoleInputBuffer
CreateThread
GlobalGetAtomNameA
GetDateFormatA
lstrcmpA
CreateFileA
VirtualProtect
GetTimeFormatA
CopyFileExA
EnumSystemCodePagesW
CancelWaitableTimer
ExitProcess
GetCPInfoExW
IsValidLocale
WriteTapemark

user32

IsDialogMessage
CreateCaret
InitializeLpkHooks
DrawCaptionTempW
CreateWindowStationW
IsCharUpperW
CascadeChildWindows
EnumDesktopsA
GetWindowModuleFileName
GetInputState
GetNextDlgGroupItem
GrayStringW
HiliteMenuItem
GetClassWord
VkKeyScanW
LoadMenuIndirectW
GetWindowTextLengthA
DialogBoxParamA
LoadKeyboardLayoutW
SendDlgItemMessageW
SendMessageTimeoutA
GetLastActivePopup
CallWindowProcW
CharPrevA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE