Static task: static1
Behavioral task: behavioral1
  Sample: 173c8fd8385a5ed0baafddf05aa0dcc4.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 173c8fd8385a5ed0baafddf05aa0dcc4.exe
  Resource: win10v2004-20231215-en
General
Target: 173c8fd8385a5ed0baafddf05aa0dcc4
Size: 56KB
MD5: 173c8fd8385a5ed0baafddf05aa0dcc4
SHA1: 69ba887722b2de78cedaee477ed9e9dff45a0b5f
SHA256: 631b4f71f5148ed069d5c211a9ce6cc8b628fbcea4ca91edc4dbddf432257e98
SHA512: f20fd38c4f3f5b46b708503f2333c42bf3c8c28b13dc51f3044cae286a02f87e7d9858be5d704a64d421d5cf32ed9781bc47a5f656b4291747048785b8f3f593
SSDEEP: 768:sd6xcZg71DfwL84e6MZn0QoyN3O50vtgIEr0ypChgfaVCOmaV6vVuLSU:sdGcZg71joy3epIn7hgiVCORsuL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 173c8fd8385a5ed0baafddf05aa0dcc4
Files
173c8fd8385a5ed0baafddf05aa0dcc4.exe windows:4 windows x86 arch:x86
12cd8a8ec720f9b62bddd21a4534284f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
SuspendThread
WaitForMultipleObjects
GetFileAttributesExW
CreateEventW
ReadProcessMemory
CloseHandle
FindClose
MultiByteToWideChar
Sleep
LoadResource
GetFileSize
SetLastError
MoveFileW
GetTickCount
FindResourceExW
LoadLibraryA
GetLogicalDrives
GetDriveTypeW
SetCurrentDirectoryW
LockResource
FindResourceW
FreeLibrary
GetLocalTime
FindNextFileW
GetLastError
SetEvent
user32
SetCursor
RegisterClassExW
GetMessageW
TrackPopupMenu
LoadBitmapW
InvalidateRect
PostMessageW
IsDlgButtonChecked
SetCursorPos
SystemParametersInfoW
DestroyMenu
DestroyIcon
IsWindow
DefWindowProcW
VkKeyScanW
Sections
.text Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE