1b284c0eba8e457ab2c30a26c4f5bc2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b284c0eba8e457ab2c30a26c4f5bc2f
Size

555KB
MD5

1b284c0eba8e457ab2c30a26c4f5bc2f
SHA1

13e9439a1a44276de5b234e65369f003a1d46021
SHA256

ed2b197c24eecf3fcc3b37c21167f97ce31c4ffdc08702345d2ccd53c9238fcd
SHA512

d1c8bad352c7119e2e297a74263e97da6779cc820cfd94d4bfb09f94645e1555f438e6f66b64bf93d37b34225ff64dce2c617cd906b0ce0556607653f53bf06b
SSDEEP

12288:L1rz3Iva0mJ4b7Km6wm1Hu5ExoPWLoUQRqZyMUC5DN9BfFl9c+gWXD:Brz3x3sKm6bHYyotRqxPXi+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b284c0eba8e457ab2c30a26c4f5bc2f

Files

1b284c0eba8e457ab2c30a26c4f5bc2f
.exe windows:4 windows x86 arch:x86

7547cd08a992b687c417434c3b5c7770

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

CODE
Size: 542KB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE