1f43ea2388d80fbbb8ee593410ed4b48a59b140f95aa0839b9a2c35a14f78f5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f43ea2388d80fbbb8ee593410ed4b48a59b140f95aa0839b9a2c35a14f78f5d
Size

10KB
MD5

ec437d1dcdcb177f53446c039874b8db
SHA1

f6dbded74bf38fd9ca4ba628040faec3755cc473
SHA256

1f43ea2388d80fbbb8ee593410ed4b48a59b140f95aa0839b9a2c35a14f78f5d
SHA512

472e6e0adb64f7f54567459856174d59cb4ed5a57235e3cfae5f1616dfa9eac5193fb69129ba62d10dbb88c45b7cf722f7724bb992a5c601a04f29b852ed5cbd
SSDEEP

96:+nBkwRyQc/3FOTKwPE9Ig5u8uaiKQXmg8TPwAhB9mrp+seadvDeBZjt3kXCDaJoN:MZhc/aKpwBJ8ThmISvutUtBy+qSOXjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f43ea2388d80fbbb8ee593410ed4b48a59b140f95aa0839b9a2c35a14f78f5d

Files

1f43ea2388d80fbbb8ee593410ed4b48a59b140f95aa0839b9a2c35a14f78f5d
.exe windows:5 windows x86 arch:x86

d61b4c6431aa9b6dc7ed85c1aaad082c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
ExitThread
GetModuleHandleA
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleW
ExitProcess
GetLastError

user32

GetClassNameA
MessageBoxA
GetActiveWindow
GetWindowTextA
SetFocus
SetForegroundWindow
BringWindowToTop
ShowWindow
VkKeyScanW
CreateWindowExA
RegisterClassExA
GetCursorInfo
GetCursorPos

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 833B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ