1773f7bd322e98c9ad6800a90e830956 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1773f7bd322e98c9ad6800a90e830956
Size

15KB
MD5

1773f7bd322e98c9ad6800a90e830956
SHA1

3d3f4608834ad1dd82a654d9de8b5b7f2da4347b
SHA256

7def1c1c7f30389eacdebcc4db69558debbf3ce7b743bbcde2f96777af9be63b
SHA512

0e1f60514658832477eb201bbef362da8c7fb7f3fd0af25347f95c701ac94d3e61d22932dddace7867cf9c46daf502a5e55908010a1bbcaf12273545425fc8df
SSDEEP

192:acQoI2gai6Q3mhhkkyRhV1ldlv4w0+0u9H+2T1IJXIknpumSqKAnZpRk9XGiT6:ZQj2bi6QWhhkJKWP9j1lWumKeKTT6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1773f7bd322e98c9ad6800a90e830956

Files

1773f7bd322e98c9ad6800a90e830956
.exe windows:8 windows x86 arch:x86

9c9ea704d81a8b5b13199808ef912d9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
QueryPerformanceCounter
GetCommandLineA
SetEvent
GetCurrentProcess
GetCommandLineW
GetCommandLineA
GetTickCount
FormatMessageW
GetCurrentProcess
GetCurrentProcessId
VirtualFree
GetProcessHeap
QueryPerformanceCounter
FormatMessageW
FormatMessageW
WaitForSingleObject
SetEvent
FormatMessageW
GetModuleHandleW
GetCommandLineW
VirtualFree
QueryPerformanceCounter
GetCurrentProcess
GetACP
GetModuleHandleA
LocalFree

user32

PostMessageW
ReleaseDC
PostMessageW
ReleaseDC
SendMessageW
PostMessageW
SendMessageW
DestroyWindow
ReleaseDC
GetDlgItem
SendMessageW
GetMessageW
GetDlgItem
GetDC
GetSystemMetrics
GetDC
GetSystemMetrics
ReleaseDC
DefWindowProcW
GetWindowRect
ReleaseDC
GetDlgItem
DefWindowProcW
GetDlgItem
DefWindowProcW
LoadIconW
ShowWindow

ntdll

NtAllocateVirtualMemory

Sections

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ