1ff353eebdc4ca5091d77e946194158c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ff353eebdc4ca5091d77e946194158c
Size

45KB
MD5

1ff353eebdc4ca5091d77e946194158c
SHA1

5ba8aa02313868240fa38c57acd74c6717ae1835
SHA256

2aa26362e9e6613d78ef6af4a12a224d7ff1b09ad1e264d5424da3782462b5a1
SHA512

2bd38d6bee5661aa870e9a4b1831627922af0d59b3b918a6c204f3f138c7f117a799403a98affd673418eb07d5153c48ec5ced2793d239078d77db238b1560f4
SSDEEP

768:DfMHXbUl2NUU5ZHVDNhnoC6+gafZQHUSengr4T1DrjLL290vSSUJ0JdEsMntaOc:LMHXbU6d17FsTeA0T6co

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ff353eebdc4ca5091d77e946194158c

Files

1ff353eebdc4ca5091d77e946194158c
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ