197c709455b9b74b81f3b765bbfc0c5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

197c709455b9b74b81f3b765bbfc0c5d
Size

118KB
MD5

197c709455b9b74b81f3b765bbfc0c5d
SHA1

d959ee4ca90a06dd22508d8dc7954800fa6e15e6
SHA256

ca3e240f4fbf56903224c06e4809bf5930c42bcb23b1bfabf088909ae900e700
SHA512

e03ce7224ff466ea37bfe099520bafa1a884ea5ecb1cf76ec92a5b0eb04f023ca91f4cb1cec52d9cada1d4f3f012f02ae0470f620caa65c6e9d3a6066abf81dd
SSDEEP

1536:JdOEXMyziH545cUK5+W+422g3ULsIKT1nN+NgYBntFpWSQQwUuKLPDRg3wfkjUZ3:Jwwjiq9o+R3ceNW7WEhLPDRg3wfkWl9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197c709455b9b74b81f3b765bbfc0c5d

Files

197c709455b9b74b81f3b765bbfc0c5d
.exe windows:4 windows x86 arch:x86

14d9ff6be5a258ac9b2a26ea2a363865

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegEnumValueW
RegOpenKeyW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyA
RegDeleteKeyA
RegEnumValueA
RegQueryValueW

user32

CreateIcon
InsertMenuA
CloseWindow
GetWindowTextA
CopyIcon
LoadMenuA
GetMenu

comctl32

DrawStatusTextW
CreateStatusWindow
ImageList_Copy
CreateToolbarEx
ImageList_EndDrag
ImageList_Add
ImageList_LoadImageA
DllGetVersion
CreateUpDownControl

gdi32

GetCurrentPositionEx
CreateDIBSection
GetDCOrgEx
GetBitmapBits
CreatePenIndirect
SetTextColor

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 148KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 970B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 245B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ