1bf14c1f4dccb39e881b8a161a8edc90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bf14c1f4dccb39e881b8a161a8edc90
Size

49KB
MD5

1bf14c1f4dccb39e881b8a161a8edc90
SHA1

f432b2e37068729596cdd197b59ec044daca8dd9
SHA256

1f8b4b825a3d566da174c38470dafc35f504efb01f9e946d8c8ce4a0fe086704
SHA512

a081cb5504aa554ce8c214c0a71595cf272a9da6b622fcb20ba3657db0fddb1fd8d4ba1d0b3fdc89831b2ddd89965207941b4746a82db4339579500183b910f6
SSDEEP

1536:834/PC7Ruz3hRXRASULZ6JKYdbzcmhCZnk:It7R8fU6n8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bf14c1f4dccb39e881b8a161a8edc90

Files

1bf14c1f4dccb39e881b8a161a8edc90
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

UIJDHTEY
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UIJDHTEY
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE