1094db696cd83f31051fc959eb08bf18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1094db696cd83f31051fc959eb08bf18
Size

274KB
MD5

1094db696cd83f31051fc959eb08bf18
SHA1

bfd28019d053a8a562ffd0ef18cab4f03de7a4ec
SHA256

71e93a8d0c6366c1d5a41de46227a681b66b74155ba14165b7f57b9cfeec621e
SHA512

581ceeb482f3f7e402bf4c3cdc02229b0e9f1bc031885dae3589758285850e33738ac3bf3b00d5b2d6c2e5dc127ece6280b06ebe460c7f6bc4ac87d1e67beadf
SSDEEP

6144:rLLMrYhYkaRmq6lYHKDfW+soxn8ZTHO/L/hqGroTqVzpY:PLPhY/N6lIK/81iVqXqlpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1094db696cd83f31051fc959eb08bf18

Files

1094db696cd83f31051fc959eb08bf18
.exe windows:4 windows x86 arch:x86

ad48f98b1f44fff272935321687abe70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
GlobalHandle
GetCurrentThreadId
WideCharToMultiByte
ReadFile
QueryPerformanceCounter
FindNextFileA
IsDBCSLeadByte
lstrlenA
FindFirstFileA
EnumResourceTypesA
EnumResourceLanguagesW
GetSystemDirectoryW
SetFilePointer
GetModuleHandleA
WriteFile
GetCurrentProcessId
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ