1a8894a8f3878409a159a4db60910ae8 | Triage

Sharing

General

Target

1a8894a8f3878409a159a4db60910ae8
Size

214KB
MD5

1a8894a8f3878409a159a4db60910ae8
SHA1

65442414f42389a50a433fd52e3d86d7183f3202
SHA256

d47dc46323604c7164ea6c7ddff3b5ab4da9270ed0a5161c1cfaafbd02da4d6a
SHA512

e7e5c6d777f2d924571b8510a499e1fc7cd66a349d49658b9acc12044e5775221e4a32678fde9e2a047d392aa960db30587f3ba62bb3038e44a704e17196a733
SSDEEP

3072:vEoB+tB6/X1zqoHLsnEtf/pp3qmv1JJGd/AYKW1qW:AvYWSLzf/pp6mv70L1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a8894a8f3878409a159a4db60910ae8

Files

1a8894a8f3878409a159a4db60910ae8
.exe windows:5 windows x86 arch:x86

c412a4fe49dd677d280723848ff81469

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

advapi32

RegQueryValueW
RegOpenKeyExW
RegLoadKeyA
RegCreateKeyA
RegCreateKeyW
RegEnumValueA
RegQueryValueA
RegEnumValueW

user32

CopyRect
CopyIcon

Sections

.noin
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jbpd
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cbiol
Size: 145KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ojbaf
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ