1bde6fa7737f3148a301b53d2d79b2fc | Triage

Sharing

General

Target

1bde6fa7737f3148a301b53d2d79b2fc
Size

160KB
MD5

1bde6fa7737f3148a301b53d2d79b2fc
SHA1

97ac8b7d3058a2e4920c27e496536b10c27f505a
SHA256

7da3c09ea1f4ed3cfc81cf8a8ee4a3794ff720d919e2b94b37c5cd9c137b8a69
SHA512

5e377e1f45cd515988e081f9b67e4f734a1ad03f1c5c60f5d0fb0233541d23a2fb5ab80cc874cb868b6b601500439384e1df1ed2255c0a0ddf8385fba233b3bd
SSDEEP

3072:k3PjlxkmQ+a/uoXJ9PQxq+IZkWmxntpmZArkKWv8/fDFA035:kjUmQ+a/WxHPWmDpDkKWknZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bde6fa7737f3148a301b53d2d79b2fc

Files

1bde6fa7737f3148a301b53d2d79b2fc
.exe windows:4 windows x86 arch:x86

57059133f277b8c5478a71c86db4b533

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetFolderPathW
SHAddFromPropSheetExtArray
DllGetVersion
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

kernel32

GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetModuleHandleA
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
HeapReAlloc
GetTimeZoneInformation
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA

setupapi

CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents

user32

GetKeyState
IsWindowVisible
GetWindow
SendMessageA
GetDlgItem
GetFocus
LoadBitmapW
CharLowerA

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ