f1b2adc9a2350b666a90603576a6925a870e94e8ba9ac734dc9761cd29a8d07f[.]exe | Triage

Sharing

General

Target

f1b2adc9a2350b666a90603576a6925a870e94e8ba9ac734dc9761cd29a8d07f.exe
Size

174KB
MD5

7dc785415ad5e751a532f458f22f9b7d
SHA1

ec4b931eb061e97591af530357c93e5afe337464
SHA256

f1b2adc9a2350b666a90603576a6925a870e94e8ba9ac734dc9761cd29a8d07f
SHA512

73031db8f98e7c7ee61512266f397b32740c009c5d93f9ed00e079690d15550528a5aa49869d05009fde652e2be825549a891e7ee0e428a713282abe44455f93
SSDEEP

3072:2vW+2IUadlM4GD8hzSyM6kb5G1zIRObix0AoMBiOKoYkEI52Ap+hlmlzeHh4/T8C:2vW+Br6epkb5G1MRN0cBiroYI2Qlzb8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b2adc9a2350b666a90603576a6925a870e94e8ba9ac734dc9761cd29a8d07f.exe

Files

f1b2adc9a2350b666a90603576a6925a870e94e8ba9ac734dc9761cd29a8d07f.exe
.exe windows:4 windows x86 arch:x86

fb52a06c7300e0a63e0318474fea93df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEnvironmentVariableW
ConvertFiberToThread
CompareStringA
SystemTimeToFileTime
GetShortPathNameW
FindClose
SetThreadPriority
LocalFileTimeToFileTime
GetLocalTime
FileTimeToSystemTime
SetCurrentDirectoryW
FindResourceW
GetStringTypeW
EnumResourceNamesW
RegisterWaitForSingleObject
FindFirstFileW
LoadResource
FileTimeToLocalFileTime
FindNextFileW
SetErrorMode
FreeLibrary
SearchPathW

user32

GetCapture
RealGetWindowClassA
ValidateRect
ValidateRgn
ReleaseCapture
SetCapture
ExcludeUpdateRgn
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ