c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
Size

17KB
MD5

1f7900f5c8d104873b6e816eeaca69ee
SHA1

e8130b50b5e94ffbbdd9bb3cf1bb2b476078cf0c
SHA256

c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
SHA512

1320c46b7433f009744a0e1a7c266f0138b29e63c7e765f5930c302350aece80c81951986dbd088d9f6519bbd12632e13b46da13135333714dd4dbce443158a3
SSDEEP

384:iNgyUHgXLKEtcfompCGM3vawf6s8ue3ZddJbq907vvxlLMM:iNuA7KQcAmEdfawJ8zJddJWG7DMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f

Files

c1b2faac1313b5784b0ebdac3eed4e5514b2ef429f8091c159fde0214b49e06f
.exe windows:4 windows x86 arch:x86

ab907024972dd3f31937818d025e51f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

FreeSid

msvcrt

time

shell32

IsUserAnAdmin

user32

EndPaint

wininet

InternetOpenA

Sections

.MPRESS1
Size: 13KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE