1f1fdf28cd3f106a35a7e57b56fc5d44 | Triage

Sharing

General

Target

1f1fdf28cd3f106a35a7e57b56fc5d44
Size

65KB
MD5

1f1fdf28cd3f106a35a7e57b56fc5d44
SHA1

029402845cca42b7f942dd64cea3f2187495b5dd
SHA256

236fc6fc6834b364f3bb127bb19fedf9e8c2ab38ad1012fdf7a68c8366cd9580
SHA512

389f41606ddc05890937ddeebbde6cf1d01bdabfab8c01d5dfdfa00e434f0365b0bb9345c2e29fbed62ef5577372e9f9cf282440bd0b7566816d240c12db809e
SSDEEP

1536:fjK95XrdtBi+w+RDlsQDJv/HOw9aR8i1Rg:fA5XrViUPsQBHON6i1Rg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f1fdf28cd3f106a35a7e57b56fc5d44

Files

1f1fdf28cd3f106a35a7e57b56fc5d44
.exe windows:4 windows x86 arch:x86

9086f8875c61bfd2bca0700706f20e8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
VirtualProtect
GetSystemTimeAsFileTime
GlobalUnlock
ResetEvent
HeapAlloc
VirtualAlloc
CreateMutexW
GetModuleHandleA
SetEvent
lstrcatA
GetFileTime
OpenMutexW
MulDiv
SetFileTime
lstrlenW
ReleaseMutex
GetFileAttributesW
GetProcAddress

user32

MsgWaitForMultipleObjects
GetKeyboardState
EndDialog
CloseDesktop
FindWindowExA
GetKeyState
GetIconInfo
GetWindowThreadProcessId
DrawIcon
GetDlgItemTextA
ExitWindowsEx
GetWindowLongA
GetDlgItem
GetForegroundWindow
PeekMessageA

shlwapi

StrStrW
PathMatchSpecW
wnsprintfW
wnsprintfA
wvnsprintfW
PathRemoveFileSpecW
StrCmpNIA
PathFileExistsW
PathFindFileNameW
SHDeleteKeyA
wvnsprintfA
StrCmpNIW
PathCombineW

advapi32

RegCloseKey
CryptAcquireContextW
CryptDestroyHash
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
CryptCreateHash
CryptHashData
RegQueryValueExA
DuplicateTokenEx
RegDeleteValueA
CryptReleaseContext

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE