1c204f64e12cefa0db1a785b59c0417e74207495c28457020542f70347e62e56N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c204f64e12cefa0db1a785b59c0417e74207495c28457020542f70347e62e56N
Size

80KB
MD5

f7e5f9184fb24f6f00fe42f80146f010
SHA1

b92ec1d53034923d288879156b1890b7be664e6a
SHA256

1c204f64e12cefa0db1a785b59c0417e74207495c28457020542f70347e62e56
SHA512

a0d9cdb19a8c4f9ba0ce27883066ff15067d65396fce4dcab09c8082d020297da00edfbc24c2750bf2f75307d1e8b1e795a802d9583b1a8c0c23eb7bbecfe236
SSDEEP

1536:YCAzt1wQhz8+u1BfShIQnx7N8ZcTCbj5jCe1Hvb3:TqzJu1BfShroK+5Ce1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c204f64e12cefa0db1a785b59c0417e74207495c28457020542f70347e62e56N

Files

1c204f64e12cefa0db1a785b59c0417e74207495c28457020542f70347e62e56N
.dll windows:4 windows x86 arch:x86

4ae8cce1cdb668a8fad907517a62efc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
ReplaceFileA
Beep

Exports

Exports

hwafa

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ