1a380056e04e8e4ae3be9ce1bc2faab2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a380056e04e8e4ae3be9ce1bc2faab2
Size

52KB
MD5

1a380056e04e8e4ae3be9ce1bc2faab2
SHA1

494c94c7322437e2302e5f86a3c1344a2a174949
SHA256

88b638ee1c84091de96e1496ca237c1123c7075728a1e5ae820442f9ee056772
SHA512

adec81d8eb4781ab5ed2f96a0bfe2dc0694fd05d6719eda7f9193a66fcbcf8449997e0cca2676f0fc7120edce9143e2c71e89e8b73fd80eb33a85904dde1d576
SSDEEP

1536:5IEZDSxr5+zqs1XvF+PORSOZtzbNXPEK1eK4:5IEZDCr5yquvF+PORS4DXsKX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a380056e04e8e4ae3be9ce1bc2faab2

Files

1a380056e04e8e4ae3be9ce1bc2faab2
.exe windows:4 windows x86 arch:x86

5bd738b68ba767c2598182805e0eb011

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
InterlockedIncrement
GlobalUnlock
lstrcpyW
GlobalAlloc
ReadFile
MoveFileW
GetDriveTypeW
lstrlenW
GlobalAddAtomW
GetSystemTime
WideCharToMultiByte
VirtualAlloc
GetTickCount
GetProcAddress
DeleteFileW
CreateEventW
ReadProcessMemory
FindFirstChangeNotificationW
WriteFile
LoadLibraryW
SizeofResource
GetLastError
LoadResource
SetEndOfFile
FindResourceExW
WritePrivateProfileStringW
Sleep
GetCurrentThreadId
LoadLibraryA
GlobalFree
SetCurrentDirectoryW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 870B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE