1a2d5e69f1dbd608bb2630f7c8ae2a07dc2fe5cdec2376319937bf7f62d468a4N | Triage

Sharing

General

Target

1a2d5e69f1dbd608bb2630f7c8ae2a07dc2fe5cdec2376319937bf7f62d468a4N
Size

5.3MB
MD5

dc21bdd709b0043081f9d593c5eb0950
SHA1

82b88aef7c24f5e4fb94d9cd619b2cf02d49482d
SHA256

1a2d5e69f1dbd608bb2630f7c8ae2a07dc2fe5cdec2376319937bf7f62d468a4
SHA512

b9d0ef3eb6611dc7b7649996da3da0ffcfc7c00af6735342d793acae766b0108ed815fb4d72ae98208e542dc3d704e1c2c3d9f384e3226559becc65ad7a4c5d5
SSDEEP

98304:xivmGMDlsrwXdxIjBy6e5UZpqk8PEYw53:xvGMBpXdxIjByj5QpqfJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1a2d5e69f1dbd608bb2630f7c8ae2a07dc2fe5cdec2376319937bf7f62d468a4N

Files

1a2d5e69f1dbd608bb2630f7c8ae2a07dc2fe5cdec2376319937bf7f62d468a4N
.exe windows:1 windows x86 arch:x86

140094f13383e9ae168c4b35b6af3356

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetComputerNameA
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
SetErrorMode
Sleep
VirtualAllocExNuma

shlwapi

PathFindFileNameA

msvcrt

malloc
free
memset
strcmp
_strcmpi
strcpy

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ