1fe0bfc0b3da6226ae64c914e9940860 | Triage

Sharing

General

Target

1fe0bfc0b3da6226ae64c914e9940860
Size

152KB
MD5

1fe0bfc0b3da6226ae64c914e9940860
SHA1

646f52c8b26dc7e5b134bc215a0bc9ceff65f35d
SHA256

0e255d12ce8f7aa99ac4fb63c0f134040701c2c90bc4c8c233916b74eb4511bf
SHA512

3b056a5de126173afb4b5575dac2a457a70e95076c350da9fb76a6aecdec1cd8550cc8e676092a9c791afca708ac4c98b85926c30649731e0113e0595ffce845
SSDEEP

3072:t8dowcar81ZCVScJ4iQB2BP+4DYkwavCvCJjWPR6pw/xDWoY9U:t8231kVScari+IiavnCR6pw/x9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fe0bfc0b3da6226ae64c914e9940860

Files

1fe0bfc0b3da6226ae64c914e9940860
.dll windows:4 windows x86 arch:x86

7369a0f9c7a4bd8f44392edfc86bd7c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenSemaphoreA
CreateWaitableTimerA
DisconnectNamedPipe
GetDllDirectoryA
GetTempFileNameA
GetVersion
GetConsoleInputWaitHandle
WriteProfileStringA
GetConsoleWindow
SetFileAttributesA
GetProfileSectionA
ResetEvent
GetPrivateProfileSectionA
HeapDestroy
SetEvent
OpenEventA
QueryInformationJobObject
RaiseException
RemoveDirectoryA
GetCurrentConsoleFont
GetLogicalDriveStringsA
TransmitCommChar
VirtualAllocEx
TransactNamedPipe
EnumSystemCodePagesA
Module32Next
GetLogicalDrives
GetEnvironmentStringsA
ChangeTimerQueueTimer

wininet

InternetGetConnectedStateExA
InternetUnlockRequestFile
ResumeSuspendedDownload
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
InternetCrackUrlA
InternetQueryDataAvailable

Exports

Exports

Xmpvxbk
WriteUrcgusfmo
Wxgeeuvck
CreateQeksejsbvxn
GetWdqgfwk
Fxneuyuo
GetXraasso
Ffyiainsvfj

Sections

.itext
Size: - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 140KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ