17dcaf319651a85e9714b786615534a3c37901db77c092d3aa58f4292d614fa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17dcaf319651a85e9714b786615534a3c37901db77c092d3aa58f4292d614fa8
Size

1.3MB
MD5

1c9d1cccccc09b13b6c1ef6eddd03fe4
SHA1

3b139a17d7b86858316c9ef43327203beff08add
SHA256

17dcaf319651a85e9714b786615534a3c37901db77c092d3aa58f4292d614fa8
SHA512

16d745cac99de3e4ca3a85eb8c1b2e4af2d8f25f6d29a2e7eb6a4e718539c8663ee577beeb11089242f68afc8d4d09de58826411114e44845fabfcef9ed801e1
SSDEEP

24576:v16szcp0jv8m2eeW63+hOwP8Fw0iXX2gM5bRbG8A:vROW62KV+6bG8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17dcaf319651a85e9714b786615534a3c37901db77c092d3aa58f4292d614fa8

Files

17dcaf319651a85e9714b786615534a3c37901db77c092d3aa58f4292d614fa8
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 840KB - Virtual size: 839KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ