1598422ffa6bea4eb7d2692119efe240 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1598422ffa6bea4eb7d2692119efe240
Size

49KB
MD5

1598422ffa6bea4eb7d2692119efe240
SHA1

ee3d0011bf4ea8221936765fb34e7750e2f15841
SHA256

459dad69bd9485bfa2ba528e3694fdc6ba0d0c1dcd33caa20662fc8856098d2d
SHA512

5c33c64b587709651bc0816cfd422daa84e2254120de63d818e333c30140f35e7612a88a5dcb86c89208c70b211941deedbf34147110e3aec4da85f48b94105f
SSDEEP

1536:49uBj22Ntt0NSLyXIudr5Y2w6xBEgNl7etrTNEzvzx8g:4Ij22vtz2wLgNxCTWyg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1598422ffa6bea4eb7d2692119efe240

Files

1598422ffa6bea4eb7d2692119efe240
.exe windows:4 windows x86 arch:x86

8e6c3374cd7bc333bbb195132d42af8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
ConvertThreadToFiber
CreateFileMappingA
CreateWaitableTimerA
EnumSystemLocalesW
ExitProcess
GetCurrentThreadId
GetLogicalDriveStringsW
GetProfileIntW
GetTimeFormatA
LCMapStringW
Module32First
SetCommBreak
SetConsoleTextAttribute

advapi32

CryptDuplicateHash
CryptSetKeyParam
GetExplicitEntriesFromAclW
GetSidIdentifierAuthority
GetSidSubAuthorityCount

shell32

CheckEscapesA
Control_RunDLL
DragFinish
DragQueryFileAorW
ExtractAssociatedIconA
SHBrowseForFolderA
SHChangeNotify
SHGetDesktopFolder
SHGetInstanceExplorer
SHGetSettings
SHGetSpecialFolderLocation
SHHelpShortcuts_RunDLLW
SHQueryRecycleBinW
ShellAboutA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE