Static task: static1
Behavioral task: behavioral1
Sample: 5c17dd7c936d69c34b6a35aa525221601d58e8c65c44b4d3fa2bbb140c5bde94.exe
Resource: win7-20231215-en
General
Target: 5c17dd7c936d69c34b6a35aa525221601d58e8c65c44b4d3fa2bbb140c5bde94
Size: 572KB
MD5: 520ba6bb5a6774667921aa17521a9d68
SHA1: 43a8ee93282d9ba78eac8aa85184b60aaf28c5a8
SHA256: 5c17dd7c936d69c34b6a35aa525221601d58e8c65c44b4d3fa2bbb140c5bde94
SHA512: 36a99f2d5ecfde1657f08c1b733290653d8d864e1e5b718b27831c95ef667779c753e6666e8b786fa8a0b24dbb3d5d4d2026680e6c249eeba7d2937aec52aad3
SSDEEP: 12288:x2KtHwU0K4lvRr26k0BdSgp1IrOEMln7CRRsoDNelak95lx:gKtHwU0h/rBdfuOEY7avDslak95l
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c17dd7c936d69c34b6a35aa525221601d58e8c65c44b4d3fa2bbb140c5bde94
Files
5c17dd7c936d69c34b6a35aa525221601d58e8c65c44b4d3fa2bbb140c5bde94.exe windows:6 windows x86 arch:x86
a238dd5e708b2e5b98247b73320c973d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AcquireSRWLockExclusive
ExitProcess
ReleaseSRWLockExclusive
user32
GetDC
ReleaseDC
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
GetObjectW
SelectObject
Sections
.text Size: 358KB - Virtual size: 358KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 129KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ