1e1bdfd4e612a1d832ec913ced852a906b28863e77f23b011013bd86ce1bbe6c[.]exe | Triage

Sharing

General

Target

1e1bdfd4e612a1d832ec913ced852a906b28863e77f23b011013bd86ce1bbe6c.exe
Size

188KB
MD5

7ee39b38f507ed65c497c49f2f6f0504
SHA1

7580cbfc8913a8f7d3582958bd428fd281882db2
SHA256

1e1bdfd4e612a1d832ec913ced852a906b28863e77f23b011013bd86ce1bbe6c
SHA512

a40fb026f693c715215de45286d10defff6cd5684f86f24ea0aa2b87f0c121ac3491d17b73ec049b8f9f39b93e0a449dd5775cf08e6bdc917f81a686675ab081
SSDEEP

3072:2s/pebp6nCyce+ORB7ur9WMQn+OQVm24KsOz8p5UhrJHWnTA+ims:9LPceHRBQWqwXEz8puRWnTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e1bdfd4e612a1d832ec913ced852a906b28863e77f23b011013bd86ce1bbe6c.exe

Files

1e1bdfd4e612a1d832ec913ced852a906b28863e77f23b011013bd86ce1bbe6c.exe
.exe windows:4 windows x86 arch:x86

e6a46f58d3085211a1da30bd7ea10ef5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoInitialize
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

HeapSize
GetVersion
GetCalendarInfoW
GetStringTypeA
GetCPInfo
GetVersionExA
FindResourceA
GetCurrentProcess
GetStringTypeW
Sleep
GetTempPathA
GetFullPathNameW
CreateDirectoryA
CompareStringA
SetHandleCount
DeleteFileW
SystemTimeToFileTime
EnumResourceNamesA
lstrcpynA
GetModuleFileNameA
MultiByteToWideChar
HeapCreate
GetStartupInfoA
GetTickCount
HeapDestroy
QueryPerformanceCounter
lstrcpynW
ExpandEnvironmentStringsA
InitializeCriticalSection
GetCurrentProcessId
DeleteFileA
GetNumberFormatA
GetLocaleInfoA
IsDBCSLeadByte
WaitForSingleObject
WideCharToMultiByte
ExitProcess
GetFullPathNameA

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ