1ff6f987e2cf8220f7306afc2b38adb7 | Triage

Sharing

General

Target

1ff6f987e2cf8220f7306afc2b38adb7
Size

363KB
MD5

1ff6f987e2cf8220f7306afc2b38adb7
SHA1

8540e677b6eab80dca51907f5c058720eee133fd
SHA256

d5322ec78117877c3cf3f2532810e29842b8f96e1f30f706fdae5c2f420b0388
SHA512

fae8f8065a8afd7458c5b05f844700a90ba7944b1389587c29b38f44006c519c2e9399f414d6d89945fbf07d56a95a54754b5f9969369bf9c4dcc3348e7f1eac
SSDEEP

6144:OF854NgQwVsrvPSBHGeytGh0bgFfzDfpVdQbm1z4KVny1sRsjV7J1oyhuCrps:OFfOQwCjPS9GJGh+gt/D+bmZynV7mSps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ff6f987e2cf8220f7306afc2b38adb7

Files

1ff6f987e2cf8220f7306afc2b38adb7
.exe windows:4 windows x86 arch:x86

8c4893861ea89646488161aff73be138

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
GetTickCount
GetDriveTypeA
GetCommandLineA
GetComputerNameA
CloseHandle
DeleteCriticalSection
GetDiskFreeSpaceExW
LoadLibraryExW
VirtualProtect
GetModuleHandleA
GetLastError
GetExitCodeProcess
ReleaseMutex
FindClose
Sleep
CreateMutexA
FreeConsole
SetLastError
TlsGetValue

shell32

SheChangeDirA
StrChrA
SHGetSettings
DragAcceptFiles
ShellMessageBoxA
SHGetNewLinkInfo
SHFree
ShellAboutA
DllUnregisterServer
SHGetMalloc
SHGetDiskFreeSpaceA
DragFinish
DragQueryFileA

printui

bFolderGetPrinter
PnPInterface
bPrinterSetup
bFolderRefresh
vQueueCreate

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ