c0179947abac8555f081abc1f1a799af | Triage

Sharing

General

Target

c0179947abac8555f081abc1f1a799af
Size

186KB
MD5

c0179947abac8555f081abc1f1a799af
SHA1

318224ef595808c8387de59c24d28c72d504b3eb
SHA256

a1eb12a385e825d5af12b6234677b7dafebf8149f05f94b50834147d245ccf54
SHA512

74039fba4e9ef5b6a76c2f2f1ff66c8d4decfbd6c1e5bf281643015f725a30bc9162aaa8693912b8a137c41d0f55492b8bb7cad7482808dcec9c225499bceecb
SSDEEP

3072:755iX0FXsKkygw6yDJO3XiMlKRkXUFGSA2BfM2FkO+gXv3uh9IzZpXjP:t5R8q5JkvkGchfM2F9JXv+hIpjP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0179947abac8555f081abc1f1a799af

Files

c0179947abac8555f081abc1f1a799af
.exe windows:5 windows x86 arch:x86

520ab5afa1ad98252a45d7bfafffe31b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\krpad\wzeq\tbnkhCbn.pdb

Imports

user32

GetScrollPos
CharUpperBuffA
SetWindowPlacement
DestroyIcon
GetClassInfoExA
GetWindow
LoadBitmapA
LoadIconW
MapDialogRect
CharLowerA
ShowCursor
FindWindowExW

gdi32

RestoreDC
SetBitmapDimensionEx
PathToRegion
RealizePalette
BeginPath
CreateSolidBrush
ExtTextOutA
PolyBezier

ntdll

_aullrem

kernel32

SetNamedPipeHandleState
lstrcmpiW
GetComputerNameExA
GetStartupInfoA
LocalUnlock
GetModuleHandleW
LocalReAlloc
GetProcAddress
IsDBCSLeadByte
IsValidLocale
GetLocaleInfoW
lstrlenW

Exports

Exports

?TkzagOuGXKDAg@@YGJPAJN@Z
?gEqfvvBs@@YG_NPAG@Z
?sMuTfibDCgmAmvty@@YGMJ@Z

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ