17a9f9b95625cbdec9189271d534b33c | Triage

Sharing

General

Target

17a9f9b95625cbdec9189271d534b33c
Size

391KB
MD5

17a9f9b95625cbdec9189271d534b33c
SHA1

4faf36818b560af7d26c97ead986ff0ba98a4e2d
SHA256

6bf6f208bea5224c9cd3ccaecd61b3513c59b8c5a35e26af1b338e15b2c14ef1
SHA512

a4d74e469d122896d9e06446abb44198b3b030ecb1e8e3ba2aef0ef09e4fd57a097559e1851d363a43f8cc071ed4200cd8b73981e9c56aeacac8723a6013e0a8
SSDEEP

12288:5RMPHEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:5RMPkAJLjpFvN/ytkjEOfoMWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a9f9b95625cbdec9189271d534b33c

Files

17a9f9b95625cbdec9189271d534b33c
.exe windows:4 windows x86 arch:x86

b5b146fa800fe30abc20727c48c615c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
HeapCreate
GetPrivateProfileStringA
IsBadStringPtrW
GetFileTime
LoadLibraryW
WriteFile
ReleaseMutex
GetDriveTypeA
FindClose
CreateEventW
GetCurrentThreadId
TlsGetValue
GetEnvironmentVariableW
LocalFree
GlobalFlags
FindAtomA
lstrlenW
GetCurrentProcessId
InitializeCriticalSection

user32

CallWindowProcW
GetKeyboardType
DrawTextA
CreateWindowExA
GetSysColor
SetFocus
GetSysColor
GetClientRect
GetClassInfoA
EndDialog
IsWindow
DrawStateW
DispatchMessageA

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ