517bc996ca1bd0a4069e109cff1c9bcf

Sharing

Copy URL

Twitter E-mail

General

Target

517bc996ca1bd0a4069e109cff1c9bcf
Size

227KB
MD5

517bc996ca1bd0a4069e109cff1c9bcf
SHA1

334e849653632905a71c7afdfc7f1e2b3f27cc44
SHA256

4ef7e23ae13543d794cbf2931fa78cf7bbf7d9c73d953f615570543c9ba1f656
SHA512

e4665b0a1391c634a92f2c2b4eee2cbffc59027796147cafd573b63a0b10cbf31928485540c9853b9bc271044d376ddd159ae1a86da1becef4121d0c78eda75d
SSDEEP

3072:P8xW7VTCsVmuz+Ydh7f/+fmItroNaCKMz5LEK0sdf:HNH1znJfGfptrqg3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
517bc996ca1bd0a4069e109cff1c9bcf

Files

517bc996ca1bd0a4069e109cff1c9bcf
.exe windows:4 windows x86 arch:x86

b021312ff841a73ba19de6936dd2a6a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessWorkingSetSize
VerSetConditionMask
SetFileValidData
PeekConsoleInputA
SetConsoleCursor
RtlZeroMemory
CloseHandle
RtlUnwind
RtlMoveMemory
RtlFillMemory
RtlCaptureContext
RtlCaptureStackBackTrace
CommConfigDialogW
WritePrivateProfileStructA

ntdll

RtlSecondsSince1980ToTime
RtlLockHeap
RtlNewSecurityGrantedAccess

user32

ClientToScreen

ole32

CoFreeLibrary
SNB_UserFree

advapi32

SetSecurityDescriptorDacl

gdi32

CreateHatchBrush
GetPixel
GetSystemPaletteUse
GetTextCharacterExtra
SetPixelV
ExtFloodFill

ntdsapi

DsCrackNamesW

ddraw

DirectDrawEnumerateA

Exports

Exports

D3tY
FfBzBrMxFzYU8bnuAaF5CY
Fwiv6o8L
ORbMgfPEIyuaK32FqYu0
R1Lo6kRa4RUj
e9Zvbtw65znan0JvTplsFz
lnSmsM1ZjvQUZs1zO

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b021312ff841a73ba19de6936dd2a6a9

Headers

File Characteristics

Imports

kernel32

ntdll

user32

ole32

advapi32

gdi32

ntdsapi

ddraw

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 19KB - Virtual size: 302KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 19KB - Virtual size: 302KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB