1b36e721ee80f9f53b8f3f49cad8f7de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b36e721ee80f9f53b8f3f49cad8f7de
Size

374KB
MD5

1b36e721ee80f9f53b8f3f49cad8f7de
SHA1

322101aaed540f7f11d7f3de812503461db0fc76
SHA256

31f72734f57c7cce3af5fced26583c1c7ea7d6c46a08ec853113cbf424f61915
SHA512

dc7a8e977081255c19f2593d8e0a758b4419ffec4b24963bb82a04691b1b4bd1f01890b28405bd88c13c4eff131f6af55e991ba551332a6ef4e7964a3c3c17b1
SSDEEP

6144:jBGt88L1TKeW1epl0dzTfhj33RMqBcOK/zrnxReU5mqIs3gmmJ10:jBC88L1mn1e70dzLl3uqBr2rxB5m5Ggv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b36e721ee80f9f53b8f3f49cad8f7de

Files

1b36e721ee80f9f53b8f3f49cad8f7de
.exe windows:4 windows x86 arch:x86

7064295ffc0661805c75020783913c7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
FlushFileBuffers
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
RemoveDirectoryW
GetFileSize
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
GetTickCount
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetVolumeInformationW
LoadLibraryW
ExitProcess
InterlockedExchange
RtlUnwind
GetPrivateProfileStructA
QueryPerformanceCounter
VirtualQuery
LoadLibraryA

comdlg32

PrintDlgA
FindTextA
FindTextW

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ