17b32fb796ac486275dac0fec9abef55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17b32fb796ac486275dac0fec9abef55
Size

63KB
MD5

17b32fb796ac486275dac0fec9abef55
SHA1

8155697e2e3327767d07b6067f1e4c1e1cd78151
SHA256

58c846801fd306125564cf3da268941197247b25bcb904e67cd4b915bd78cbfd
SHA512

1d54cee5fdb8fcfa99c5940d485abb88273940da80a4afc137eadfda30a2ae0fbda3425002f6ebc49734ed6099c3c9c70f56486655431056754835399bc417c1
SSDEEP

768:iFowwwwG8m7s+ecCzHnY2sXdn+FcTN7tqMbTXH4USvqr3hHdwhIJbNWAxJ52top6:VaRX7klvqrx9DIA12vMLrutgO8b48uPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17b32fb796ac486275dac0fec9abef55

Files

17b32fb796ac486275dac0fec9abef55
.exe windows:4 windows x86 arch:x86

f53e3dfb651a04625a2fafeee52689f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
SetProcessShutdownParameters
CommConfigDialogA
VirtualProtect
Module32First
GetDateFormatA
HeapSummary
HeapSummary
WaitForDebugEvent
ChangeTimerQueueTimer
MapUserPhysicalPages

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE