1c9425149f3bb6518f35896c4dd4fdd9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c9425149f3bb6518f35896c4dd4fdd9
Size

183KB
MD5

1c9425149f3bb6518f35896c4dd4fdd9
SHA1

d2c9943efd52a2b1af8d6c72e514ba9231cff67d
SHA256

d3ca0b0b3c2c016c03e5d1e18596cc5570551d1a9f3b572e1a3a7107cd77a025
SHA512

742469993d2fe98f87a0dcbf4815e104054b10d3cb91219c4534f3e0707669277a70749bacb3dadfa84a8840a767eb1dfdde64cb93ce1af3b9f246a8d4e6a465
SSDEEP

3072:AmHcS8kJ7bkTjQTl14Wt9IsHOqJqB1Fc7wu98KTApVtgisc8IdVgUlvC:1HDVvL1dtNHpEBM7X98pzJ8oPlvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c9425149f3bb6518f35896c4dd4fdd9

Files

1c9425149f3bb6518f35896c4dd4fdd9
.exe windows:4 windows x86 arch:x86

d5dd39577960b6d24e5ad50683289771

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleActiveScreenBuffer
InitializeCriticalSectionAndSpinCount
GetProfileIntA
OpenFile
GetAtomNameW
GetCompressedFileSizeA
SwitchToFiber
FindAtomA
CancelIo
GlobalGetAtomNameW
GetCalendarInfoW
HeapReAlloc
GetBinaryTypeW
ReadProcessMemory

user32

DialogBoxIndirectParamA
CharToOemBuffA

gdi32

CreateDiscardableBitmap
GdiReleaseDC
GdiPlayPrivatePageEMF
SetViewportExtEx
SetSystemPaletteUse
Ellipse
GetROP2
GdiAddGlsBounds
GdiEntry9
CreateEnhMetaFileW
GdiSetAttrs
PATHOBJ_bEnumClipLines
EngUnicodeToMultiByteN
PolyPolygon
ScaleWindowExtEx
EngDeleteSurface
GdiSwapBuffers
PlayMetaFileRecord

Sections

.text
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 170KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ