1b37f7de0d38bd4de62f1a629ce2e4e5 | Triage

Sharing

General

Target

1b37f7de0d38bd4de62f1a629ce2e4e5
Size

493KB
MD5

1b37f7de0d38bd4de62f1a629ce2e4e5
SHA1

7e449c735a3b4d2970240e0c56e1a0f0eac034d6
SHA256

4febd1b351d5f74c5bc5f609b46e09fccb74010aa5c674a5fb0c1f4db83634fe
SHA512

9572f1eb9e7dc9e69898d4613731f341533cf4a985cd2ff6a502c795d124bef941ba47ce14904893435f6738e2c6efffc0e3d2f84aaf4d1eca00c3a05c121177
SSDEEP

12288:LoTzV5ge39M8E+VjGx9mWdxlyb3SM/danDuSdM1d+SyLs06/gg:Lov59/49pmh/danCSd4dVdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b37f7de0d38bd4de62f1a629ce2e4e5

Files

1b37f7de0d38bd4de62f1a629ce2e4e5
.exe windows:4 windows x86 arch:x86

2a52ca68ec27554049a8157e36b0b544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

GetNextDlgGroupItem

gdi32

Rectangle

advapi32

GetUserNameA

msimg32

GradientFill

comctl32

ImageList_GetIcon

winmm

PlaySoundA

Sections

pec1
Size: 97KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 346KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pec2
Size: 47KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE