Static task: static1
Behavioral task: behavioral1
  Sample: e1fa8f18bfb92e7707c8dc10b8642ddd.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: e1fa8f18bfb92e7707c8dc10b8642ddd.exe
  Resource: win10v2004-20240226-en
General
  Target: e1fa8f18bfb92e7707c8dc10b8642ddd
  Size: 260KB
  MD5: e1fa8f18bfb92e7707c8dc10b8642ddd
  SHA1: 5c58cba3545e54c5bc89ea60cde3fdbc4f430109
  SHA256: 4eae7808c9d4ee409ba991ba31cb3f8f40d7e959c4d69c2fbc225d7da0e802e9
  SHA512: 294b8d5e242d71e80833d0a203ff38ef75a6f2330ec1fec4c0bc7c6f2850fc3cb74b5a52e5810531c262ae4eb4bf80b29e9af816021ce8912aa283d66debffc3
  SSDEEP: 3072:ofLlIloAC0EG9MpRWFgZCaG+y+RKbanlIBSrzBGnMpjs0WDOUZ78P/o+RGTS/kCc:60E1/B8b2lDrzYnN78PA+8S/kY
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: e1fa8f18bfb92e7707c8dc10b8642ddd
Files
e1fa8f18bfb92e7707c8dc10b8642ddd.exe windows:4 windows x86 arch:x86
e4da16a64f570a241a14c0acda752586
Headers
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  comctl32
    InitCommonControls
  gdi32
    RestoreDC
    GetPaletteEntries
    GetDeviceCaps
    SetTextColor
    GetTextMetricsA
    SetMapMode
    GetStockObject
    SetWindowExtEx
    GetPixel
    SetColorSpace
    LineTo
    EndDoc
    SelectPalette
    ExcludeClipRect
    MoveToEx
  user32
    GetDesktopWindow
    GetMessagePos
    GetInputState
    CharNextA
  kernel32
    GetOEMCP
    GlobalFindAtomA
    lstrcmpiA
    lstrcmpiW
    GetCurrentProcess
    lstrlenA
    GetModuleHandleA
    DeleteFileW
    lstrcmpA
    GetUserDefaultLangID
    GetConsoleOutputCP
    GetCommandLineA
    GlobalFindAtomW
    VirtualAlloc
    GetCurrentThreadId
    GetCommandLineW
    GetLastError
    GetCurrentThread
    IsDebuggerPresent
    lstrlenW
Sections
  .text (Size: 3KB, Virtual size: 3KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata (Size: 1KB, Virtual size: 1KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data (Size: 175KB, Virtual size: 175KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc (Size: 78KB, Virtual size: 78KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ