sl972_1[.]exe | Triage

Sharing

General

Target

sl972_1.exe
Size

9.4MB
MD5

80e6dd6d56c204d777211c46eed45827
SHA1

de5eea6dc5b0e6d8e1c67f50ed748700b1a1137e
SHA256

6ca41a1659c34806439b5072e7d455efa1ee55071ef3da4d210bd51620e264fa
SHA512

8c6f792d6e01bd6570edb5681af7c23c3be2626d06b288907ae02fea9ab721ad12dcf098f99062aac22016c54efd266292be8c608c1f92ef8b767b5f7e70ef5a
SSDEEP

196608:dbHkM8GJlY/YrUiUXIVOmOJYo7aruIVqiD4JWvclKzlqzAJmbh+XUdi9yTo5m/sN:pRY/YrUiUXKpOJBWKau0iUq3y/Ruvgv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sl972_1.exe

Files

sl972_1.exe
.exe windows:6 windows x64 arch:x64

060f1fdd4c28b012c5cbaa410e9e4b34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
GetConsoleCP
WriteConsoleW
VirtualProtect
CloseHandle
ReadConsoleW
GetLastError
Sleep

comctl32

ImageList_BeginDrag
FlatSB_SetScrollProp
ImageList_Copy
ImageList_GetIcon
ImageList_Add
ImageList_Merge
MenuHelp
UninitializeFlatSB
PropertySheet
LBItemFromPt
ShowHideMenuCtl
InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetDiskFreeSpaceExW
SHHandleUpdateImage

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9.1MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ