017bc371135041e947281ad830c9db95 | Triage

Sharing

General

Target

017bc371135041e947281ad830c9db95
Size

74KB
MD5

017bc371135041e947281ad830c9db95
SHA1

e523a3e3d223145ddea186f5a827875fe12760fa
SHA256

baa5bd640a33b372e5537f3120c86c46dbf31d3ad5739cd6d64c15dff56903c0
SHA512

c4ec17ba019a5b063b81867cc46225d7b7518e449d5d11136aede09856a282912ecb76d8a5ca96ed49dc388369de295216a04041bd79fa0522271f60b6b85007
SSDEEP

1536:jB216pueymNFIkMqj+/7QeeMUy3+R8kVdhpSxzzPZdcUjthSYILvVJ:jBw6pTybeg7Q/MER8kNpQztjthSdv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017bc371135041e947281ad830c9db95

Files

017bc371135041e947281ad830c9db95
.exe windows:4 windows x86 arch:x86

786c270f9bf875c3346c75a1ea619a6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

InvertRgn
PolyPatBlt
RectVisible
CreateRectRgn

msvcrt

_copysign
__p__tzname
__p__wpgmptr
_mbsnicmp
_dup
_getws
_inp

kernel32

CreateEventW
GetCommConfig
GetCurrentProcessId
GetThreadLocale
LocalAlloc
LocalHandle

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE