a1c0931315ba748e1807b93a95e2ea91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1c0931315ba748e1807b93a95e2ea91
Size

199KB
MD5

a1c0931315ba748e1807b93a95e2ea91
SHA1

915377a608fc71d913bd34322c47fd4653054e50
SHA256

008b96324de5f4ae1b880e1f3c13de3f00e55158206d270c4065eaea45eed0d4
SHA512

27b6e6bea7ea5c365067e47f5065c63ffbbebada32d314dbb74aaa1359732488c4110a1abd2db305dd6e8e4bbe69e18387860cd4d52de2e692873b36887ca8d1
SSDEEP

3072:Ia4n6/HBq3qAdGhS4k5p5pU4T4B+jca8Wz/9DMFIW925pOLA/hmqVvTVLC4HTkwE:d4+Bq3qnop535+Wzmw5pSqpheLweh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1c0931315ba748e1807b93a95e2ea91

Files

a1c0931315ba748e1807b93a95e2ea91
.exe windows:5 windows x86 arch:x86

1a600eafe1028ffe32a69d236b32d1ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
GetModuleHandleA
GetModuleFileNameA
ExitThread
CreateDirectoryA
GetFileType
ClearCommBreak
SetVolumeLabelA
WaitForMultipleObjects
GetProcessHeap
HeapCreate
SetEndOfFile
HeapFree
DeleteAtom
CloseHandle
CreateSemaphoreW
FindAtomA
AddAtomA
GetCommandLineA
RemoveDirectoryA
WriteFile
CreatePipe
FindClose
GetDriveTypeW
RemoveDirectoryA

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

msvidc32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE