1366ff7b27da107aac0d930f784daca5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1366ff7b27da107aac0d930f784daca5
Size

186KB
MD5

1366ff7b27da107aac0d930f784daca5
SHA1

db1179f1805b98fe25743629b2ae4b41dbee240e
SHA256

2427155f74ff7500715f9c4acfbd1d3b78c88c5e49dd6cb88558736bc2bc214d
SHA512

7b3f467bebd7f7727af03a57a131c9eff37b54163c6e6fdd6301387207eee6f35e82c5e827148e474bcf71ee160a34510a914ae52a8c56daddd93a6c078fbb3a
SSDEEP

3072:7cKnWSESCiDHrVi3aXRhF5rcy2YItWa01uERwBRkge9ef/cxWc2dC0egfbf2wAC6:7cKWSEc7X2tWa01uERARlqu/Gf2dCG6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1366ff7b27da107aac0d930f784daca5

Files

1366ff7b27da107aac0d930f784daca5
.exe windows:4 windows x86 arch:x86

4250405381d3002617e463c94568d2ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TermsrvAppInstallMode
LCMapStringA
ReplaceFileA
ReadFileEx

user32

DdeEnableCallback

shell32

StrRStrIA
SHGetDiskFreeSpaceA
SHCreateDirectoryExW

gdi32

DrawEscape
GdiTransparentBlt
RemoveFontResourceExW

Sections

CODE
Size: 9KB - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 171KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ