1778d548e61f403859eeaf05fccf630e | Triage

Sharing

General

Target

1778d548e61f403859eeaf05fccf630e
Size

61KB
MD5

1778d548e61f403859eeaf05fccf630e
SHA1

c1364c2ddc8d8453a5ba043c4da7b1aa16ca6bc3
SHA256

66c0654fbd8fe346d0b39dc7c72ef7de15e2ae01fca6f271708c06d90044832c
SHA512

dd65b0b8bf5861477f7b8ce0a43e695ce60f28fe376914a0c530b5e67e7053983a78ec078b72a8e6085ca9e1ffb52ccd2eea9cb178b1919772e493877b379f10
SSDEEP

1536:AjXhSO1BYzjboHevDeTiVuvSgvrMIZ5Kkc:uxSUBYrozTiVrErTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1778d548e61f403859eeaf05fccf630e

Files

1778d548e61f403859eeaf05fccf630e
.exe windows:4 windows x86 arch:x86

5b750b5ebf17dce5de7c348489d4bcd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetCPInfo
ReadConsoleA
DeleteFileA

user32

GetWindowTextA
LoadMenuA
DrawTextW
DialogBoxParamA

comctl32

CreateToolbarEx
DllGetVersion
CreateMappedBitmap

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ