1d3d325b621524c2d277f8e9cd3b50869c2c29a34d1f3bba2535c82ce6eff49b | Triage

Sharing

General

Target

1d3d325b621524c2d277f8e9cd3b50869c2c29a34d1f3bba2535c82ce6eff49b
Size

5.5MB
MD5

4af2e6a8be2b1862e2e1fb834da6a927
SHA1

cb01022fa8b4884e17cfc26b2320d166058c5e99
SHA256

1d3d325b621524c2d277f8e9cd3b50869c2c29a34d1f3bba2535c82ce6eff49b
SHA512

b174b4fb021930b2515236876e1145dd585c7a40949cd6647c0cb88e6efd20382926d6bbae686f5b0b94610c4b47e40293f4452d408ee34403a8093ffecc81ce
SSDEEP

24576:RFVmFF1UBOW6UWaPXiWdLSvwboQyzcQWQatx50PcL+J0qTIPwPyUCZv9F8JissLs:7Dxww8uX2FjHCdl+hnCqimL47JAl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1d3d325b621524c2d277f8e9cd3b50869c2c29a34d1f3bba2535c82ce6eff49b

Files

1d3d325b621524c2d277f8e9cd3b50869c2c29a34d1f3bba2535c82ce6eff49b
.exe windows:6 windows x86 arch:x86

431064de93cee973fffdc679b25aa491

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GetComputerNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetStdHandle
DeleteFileA
OpenFileMappingA
CreateNamedPipeA
ExitProcess
VirtualAlloc
GetCurrentProcess
GetNamedPipeInfo
GetNamedPipeHandleStateA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ