4217a8b8c14491fadc2cb4d71776f1a1 | Triage

Sharing

General

Target

4217a8b8c14491fadc2cb4d71776f1a1
Size

39KB
MD5

4217a8b8c14491fadc2cb4d71776f1a1
SHA1

dd77bbb31dc620e84d969e015bc3a39d8e85beaf
SHA256

44fe69bcf4709ffa0a3d360b1183cd1e76767fca98fb426ab2a47cce9f346b57
SHA512

50dfbc9505666c21d828fd6ddba10662d173e21ed0ceae618b3014da479421c0acf96cbf4eeca5f2858badf1dc923f5dda40e3583b4ed42d08bb4eca24e6de95
SSDEEP

768:jJ7Ln2I2hqCniGU1JTcyZI9BZIVKRvw21nnnnRYZxX:B6fL4UBZiKRY+YfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4217a8b8c14491fadc2cb4d71776f1a1

Files

4217a8b8c14491fadc2cb4d71776f1a1
.exe windows:4 windows x86 arch:x86

fb4f95e4d6c260b580747a98a2a0ed54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLastError
Sleep
CloseHandle
HeapDestroy
ReleaseMutex
SetEvent
CreateThread
AddAtomA
GetDiskFreeSpaceA
GetModuleHandleA
DeleteCriticalSection
GetTickCount
TlsGetValue
FindVolumeClose
lstrlenA
FindResourceExA
GetConsoleFontSize
VirtualProtect
SearchPathA

user32

GetScrollBarInfo
CreateWindowExA
EndDialog
CreateMenu
CopyIcon
GetKeyState
CopyImage
EnableWindow
DispatchMessageA
CloseWindow
GetMessageA
DialogBoxParamA
DragDetect
IsIconic

hlink

HlinkNavigate
HlinkResolveShortcut
HlinkTranslateURL
HlinkIsShortcut
HlinkClone

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ