17549e99dc53d4bb9bd1f17e13136765

General

Target

17549e99dc53d4bb9bd1f17e13136765
Size

160KB
MD5

17549e99dc53d4bb9bd1f17e13136765
SHA1

43a56458f17108cac4415cee9199e987631a4d4f
SHA256

371f323ca98ddc1b0e12edb28d90b55052992a9edfe0b50b8ed0894e56714003
SHA512

c91715279a702af448856e016dfb5e65ec4034acc6014b3c35b4b080e365cb261457fab76b306b8f14dcba57a28fd0fdf0711c55df88eccd312500da5a3f7f53
SSDEEP

3072:UHl/MzZtze+L+TgbaezON4VHneMhteQgNjXnV1QddGsYW36neYwKoL:oWZtz/L+KNGgeMDe57TQTGsnK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17549e99dc53d4bb9bd1f17e13136765

Files

17549e99dc53d4bb9bd1f17e13136765
.exe windows:5 windows x86 arch:x86

0fa90fe9f28b276495597c3e5fb156dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__set_app_type
time
_wtoi
__getmainargs
isdigit
iswspace
_onexit
memmove
exit
_XcptFilter

user32

GetSubMenu
GetForegroundWindow
GetWindow
EnableMenuItem
IsDialogMessageA
GetFocus
RegisterClassA
OffsetRect
MapWindowPoints
PeekMessageA
GetParent
GetClientRect
PeekMessageW
RedrawWindow
SetCapture
PostMessageW
FindWindowW
DialogBoxParamA
TrackPopupMenu
GetWindowRect
CopyRect
SetScrollInfo
GetActiveWindow
SetWindowTextA
CallWindowProcA
GetClassNameA
GetPropA
GetMenuItemID
IsWindow
DefWindowProcA

kernel32

HeapDestroy
GlobalReAlloc
GetEnvironmentVariableA
CreateMutexW
GetStartupInfoW
GetOEMCP
EnterCriticalSection
GetConsoleMode
GetCurrentDirectoryA
IsBadReadPtr
LockResource
GetDriveTypeA
GetDateFormatA
FindResourceA
GetWindowsDirectoryW
ExitProcess
GetCurrentThreadId
ReleaseMutex
LoadLibraryA
GetSystemDefaultLCID
LocalAlloc
GetLastError
VirtualAlloc
GetThreadLocale
GlobalFree
CreateEventA

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data/0x
Size: 63KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fa90fe9f28b276495597c3e5fb156dc

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 512B - Virtual size: 512B

.data/0x Size: 63KB - Virtual size: 297KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 512B - Virtual size: 512B

.data/0x
Size: 63KB - Virtual size: 297KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 1024B - Virtual size: 1024B