1290ac576b941608c2a14d09f692575c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1290ac576b941608c2a14d09f692575c
Size

140KB
MD5

1290ac576b941608c2a14d09f692575c
SHA1

fc424fcd413057b5e20301888945fb4912981272
SHA256

3dad7188887d4618fe7ca1fe934f052b3c48d4d4e1319e827a79a02060574f94
SHA512

e848043bbef3ba0048b89b3da1ad647b8701dc517038199946f520e23c4c69b50c4e0336f0a33a429d2a93a464ccc578282f797ff5ddbf54843cbf2c1321b46f
SSDEEP

3072:BBWxVqfMQdZ851knsZ3fnvOBCv3ousZZZh53vqFVhBJ:WXQQ5+nun9fpaZPvqRB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1290ac576b941608c2a14d09f692575c

Files

1290ac576b941608c2a14d09f692575c
.exe windows:4 windows x86 arch:x86

60c7cb0d4f4dc10ab935203fe3dfba0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
UnmapViewOfFile
LockResource
ReadFile
LockResource
SetEndOfFile
SetFilePointer
CreateFileMappingW
GetTempPathA
VirtualQueryEx
GetSystemInfo
GetCurrentProcess
EnumResourceNamesW
GetModuleFileNameA
CreateFileA
FindFirstFileA
FindNextFileA
ExitProcess
FindClose
SizeofResource
MapViewOfFile
GetFileAttributesA
CloseHandle

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

occache

FindControlClose

ole32

CoUninitialize
StgOpenStorage
CoCreateInstance
CoFileTimeNow
CoInitialize

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 1024B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ