1c1673b1a2fab7305eced4cef2622d90 | Triage

Sharing

General

Target

1c1673b1a2fab7305eced4cef2622d90
Size

56KB
MD5

1c1673b1a2fab7305eced4cef2622d90
SHA1

9bb2c386e3dced1394d4838e3766e397f3a3550d
SHA256

5ad69b1fa0382560e3feac7f40b99742922e0fe8c341a14e9d2f7faea152c1f0
SHA512

1de4977c7ceb5d8e8ba8d2226bcc20206361e3df0d65281726099306a0369f5eddf4606fbcbcf5179651c9fe524d321af7cb41bd541beca93178c3ed7f3f92e7
SSDEEP

1536:eWAaUfkjHAxv5hV4LkCgg9hGjRdTKxgQicpstoDLwTq7Obvd:e7aU2HAx7KguGFdTDQLsHP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c1673b1a2fab7305eced4cef2622d90

Files

1c1673b1a2fab7305eced4cef2622d90
.exe windows:4 windows x86 arch:x86

ff450d7b3e1f13ee3c63314207c0bb75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
SetConsoleMenuClose
FlushFileBuffers
CompareFileTime
ProcessIdToSessionId
GetProfileIntA
LoadLibraryW
GetExitCodeProcess
GetFileAttributesExW
InterlockedCompareExchange

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE