1b5d201be2f98b55b160e53ffc25f984 | Triage

Sharing

General

Target

1b5d201be2f98b55b160e53ffc25f984
Size

183KB
MD5

1b5d201be2f98b55b160e53ffc25f984
SHA1

1cd25f2906147536ab2901f20c85cfea25b67c0d
SHA256

af881a4dabb768d42ce40e44aa4903c25d3b9bc2d548fcb81f3ef225ee962a01
SHA512

a7c9497584017b5219d23fab7e6aebf99229c4f3a678a865647280afdcab94d5e1dbd3a700e47c26d413c6c20f6f48a6d3f95a2956a0a23ac6bf7a6d34d8d45d
SSDEEP

3072:VzJqwwv5zqI/GTKlQY6IYRRFZ+0YG+cYPpeyGQyxDygabsO1dv9lyq:VzJuRqtTkl6IqDpbz81GQyYgEdVl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b5d201be2f98b55b160e53ffc25f984

Files

1b5d201be2f98b55b160e53ffc25f984
.exe windows:4 windows x86 arch:x86

9bb09cbc5c24d7b9d8943a3a1ccb8993

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BindIoCompletionCallback
GetNamedPipeHandleStateW
RegisterWowBaseHandlers
GetEnvironmentStringsA
ShowConsoleCursor
RegisterConsoleVDM
SetConsoleMode
GetFileAttributesW
MulDiv
CreateWaitableTimerW
GetCurrentProcess
FindNextVolumeW
CmdBatNotification
IsDBCSLeadByte
GetNamedPipeInfo

user32

SetUserObjectInformationA
SetWindowLongW
WinHelpA
DrawCaptionTempW
DrawFocusRect
InsertMenuItemW
GetAltTabInfoW
GetCaretBlinkTime
DdeClientTransaction
GetProcessDefaultLayout
SetScrollRange
DdeSetQualityOfService

gdi32

EngLineTo
SetROP2
GetLogColorSpaceA
RemoveFontResourceTracking
PolyPolygon
PolyPolyline
CreateFontIndirectA
CopyMetaFileW
StrokeAndFillPath
ResizePalette
OffsetClipRgn
GdiGetDevmodeForPage

Sections

.code
Size: 9KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ