1bb7c5190454e94894a34c115925619b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bb7c5190454e94894a34c115925619b
Size

9KB
MD5

1bb7c5190454e94894a34c115925619b
SHA1

36d1614de8e8f97e327864f136aad220c5b3c6a0
SHA256

5ded29a45776b19922c7563e966899dfe20ac0e6c6ee3e404528b397623febd3
SHA512

4d0d6f910ca45cd30fbf764532918d84d3d7d3348d44d02b6075cf50c865194a7a0ea51fc6f3c81eadb3af1c250a59bea2779ec0de6109eddcabf543bcf22fa6
SSDEEP

192:QTcwrz84ujdYC5m2ra/lkRj/jkN/yd/JqF0:QTc5DRZM28WFjIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bb7c5190454e94894a34c115925619b

Files

1bb7c5190454e94894a34c115925619b
.exe windows:4 windows x86 arch:x86

c674cfcb63e9a42979f1f272b613ad28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
GetFullPathNameA
GetProcessPriorityBoost
GetProfileSectionA
GetShortPathNameW
SetConsoleActiveScreenBuffer
SetEnvironmentVariableA

advapi32

BuildSecurityDescriptorA
ConvertSecurityDescriptorToAccessNamedW
CreateServiceW
GetSecurityDescriptorSacl
IsValidAcl
QueryServiceStatus
RegNotifyChangeKeyValue

user32

ChildWindowFromPointEx
DefDlgProcW
DeleteMenu
EnumDisplaySettingsExA
FlashWindowEx
LoadMenuIndirectA
LookupIconIdFromDirectoryEx
MessageBeep
OpenClipboard
SetClipboardData
SetCursorPos
SetSysColorsTemp

shell32

DragQueryFile
ExtractAssociatedIconA
ExtractIconEx
FindExeDlgProc
OpenAs_RunDLLA
RealShellExecuteExA
RealShellExecuteExW
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHLoadInProc
SheGetDirW
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE