1a7726867c9d2217785fab6bd7799272 | Triage

Sharing

General

Target

1a7726867c9d2217785fab6bd7799272
Size

403KB
MD5

1a7726867c9d2217785fab6bd7799272
SHA1

64f8253f295f88fa1fe8d8556c5254cda953450c
SHA256

dc58aca90e7884d0ad732ea91a33824a37361b8a6ba339d9efa2e9ff2dade94b
SHA512

f61b4996423128d7401cce42de3c2968c6611eb722e9235448e7acc0e5a34854fca80eb82080de40cfc9107a4b04c5180aaa2e1012f30ae5f484db62cc8d8b9c
SSDEEP

3072:nniGpcwxIdrijNVKUhmHA3uc4RHlQlEGzOIOK8UzyPaXKu:nnnpcwyojNA3Hs4FHGzOIcUzyPwKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a7726867c9d2217785fab6bd7799272

Files

1a7726867c9d2217785fab6bd7799272
.exe windows:5 windows x86 arch:x86

b6bebedf54a56d19d754b1facf450f0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
VirtualAlloc
GetProcAddress
LoadLibraryA
GetLastError
WaitForSingleObject
CreateThread
ExitThread
GetExitCodeThread
GetSystemTime
SetFilePointer
SetStdHandle
GlobalAlloc
RtlUnwind
HeapDestroy
DeviceIoControl
CreateFileA
CloseHandle
WideCharToMultiByte
GlobalReAlloc
GlobalFree
GetModuleHandleA
WriteFile
HeapCreate
FlushFileBuffers
VirtualProtect
Sleep
GetTickCount

user32

MessageBoxA

cfgmgr32

CM_Get_Parent
CM_Locate_DevNodeA

Sections

.text
Size: 389KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ