Static task: static1
Behavioral task: behavioral1
  Sample: 1be6c79390f1343fb289200bfce9b6a0.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 1be6c79390f1343fb289200bfce9b6a0.exe
  Resource: win10v2004-20231215-en
General
Target: 1be6c79390f1343fb289200bfce9b6a0
Size: 775KB
MD5: 1be6c79390f1343fb289200bfce9b6a0
SHA1: 34ba2c0ad3713d7a1168415aa65cdf1e74ba0332
SHA256: 3e68217b4826efee040fce09c43a3c5f8d96af42f84eb9b71526a21c274d42ab
SHA512: b4be9b6f943bebc89e1f67ead69ebe2e73157762faf0b60938b51079051128435e2d1111bb42c2e80ffdc9a8e3aa1965bb25db6d817236be989634aeb481c5cb
SSDEEP: 24576:eW1bzc3GXVRhDktVxNd3UcIynp5vEhmwjhYnyQ:eSbzhvDknxNycIw5vEhHNQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1be6c79390f1343fb289200bfce9b6a0
Files
1be6c79390f1343fb289200bfce9b6a0.exe windows:4 windows x86 arch:x86
e50c738bfbe48f2e968e2fb21d4e0346
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsAlloc
GetStdHandle
lstrlenW
TlsGetValue
CreateFileA
CreateMutexA
GetExitCodeProcess
GetProcessHeap
GetCurrentThreadId
GetEnvironmentVariableA
GlobalUnlock
CloseHandle
LoadLibraryExA
SetLastError
GetModuleHandleA
HeapCreate
GlobalFree
DeleteAtom
FindResourceA
ReleaseMutex
user32
IsWindow
GetDlgItem
DispatchMessageA
GetDC
SetFocus
CreateWindowExA
CallWindowProcA
DrawMenuBar
GetCaretPos
CreateMenu
CheckRadioButton
FillRect
DrawEdge
rsaenh
CPHashData
CPDeriveKey
CPSignHash
CPDecrypt
CPGenKey
msasn1
ASN1BERDecEoid
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 765KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE