17c039b38e5ac84790eb44dd3f24d03d | Triage

Sharing

General

Target

17c039b38e5ac84790eb44dd3f24d03d
Size

7KB
MD5

17c039b38e5ac84790eb44dd3f24d03d
SHA1

965e9479a697c397129865640f0869367fa17095
SHA256

d75e0d6bfd6cfcd82414ceb55011cca60eb4dc428539a8e7277644225dc82d8f
SHA512

c7ba472faeb63d6d45a965bd8b071b463da97b8607de966538045b0ac2ed16c73fb1746a390b0396bfa4df00b62e22526b5237a74d05aeabb514583dd3988cef
SSDEEP

96:AEz144444444444444444Bu44444444444444444A44444444444444444144441:AEQi8KzKVQuRdxWdV06qKKF2dKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c039b38e5ac84790eb44dd3f24d03d

Files

17c039b38e5ac84790eb44dd3f24d03d
.dll windows:4 windows x86 arch:x86

857fcbe34c42866a1d9a1f95626351f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
lstrlenA
GetUserDefaultLCID
GetLastError
HeapAlloc
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
HeapFree
GlobalAlloc
CloseHandle
lstrcpynA

user32

wsprintfA
CharLowerBuffA

advapi32

RegCloseKey
RegOpenKeyA
RegEnumValueA

wininet

FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
InternetCrackUrlA

Exports

Exports

CheckIEHistory
GetVerID

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ