Light 1[.]0[.]exe | Triage

Sharing

General

Target

Light 1.0.exe
Size

7.8MB
MD5

84135c89192ec121f71196b9d0328551
SHA1

a7bcda195e7f38656724762d10f91fc134de54d1
SHA256

e2ffe3a130160cf19f704097449f6f1092fc5e52f64925d698cce7a56719b6f2
SHA512

626fca07cf6746e95343d6607221443a9f9593f46ff6e68688a63f61cf78c605cd86a0cb1d36d7fd961fedffa721e7fea37bafa8eafa7e59b5138dca09c0bb4e
SSDEEP

12288:QPpijuO4bKBDB7l+9LntQXct4vq4Xd4tVQKob+pgn:kpijuO4bsDB7SLntQXcSia47QKoqpgn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Light 1.0.exe

Files

Light 1.0.exe
.exe windows:1 windows x86 arch:x86

140094f13383e9ae168c4b35b6af3356

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetComputerNameA
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
SetErrorMode
Sleep
VirtualAllocExNuma

shlwapi

PathFindFileNameA

msvcrt

malloc
free
memset
strcmp
_strcmpi
strcpy

Sections

.text
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ