126331dc47d5b374c24d7ea91729e3bd | Triage

Sharing

General

Target

126331dc47d5b374c24d7ea91729e3bd
Size

488KB
MD5

126331dc47d5b374c24d7ea91729e3bd
SHA1

f8778e0f62dcb51c0c0a86d027fc06a103f0f798
SHA256

0541b9826381707950b876731e623b5c8e3161ca21fcb4f0d4c00e8548f19d35
SHA512

e7c8bb08ef990176e704a0b45c821a28e3714c803dcf1c9f752c35d097a655393ccc92e6c056df21731bcf292a07c8ad4236141de6ba1e8593c2879501dcfeed
SSDEEP

6144:h5lbmf0JwFDAO8xqb4Tdoxh+k9Y9Sd0o6dwrSpcIrD+aE2/irmp7fYWs:h5wfJAOyRF9KVrSp52aE2cmpu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
126331dc47d5b374c24d7ea91729e3bd

Files

126331dc47d5b374c24d7ea91729e3bd
.exe windows:4 windows x86 arch:x86

a19af5d4348e237c08ec9f23b4f428fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerW
GetShellWindow

kernel32

GetDiskFreeSpaceExW
GetCommandLineW

Sections

.text
Size: 479KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE