c17964b72c3c0019aafe93603afd48a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c17964b72c3c0019aafe93603afd48a0
Size

89KB
MD5

c17964b72c3c0019aafe93603afd48a0
SHA1

feb39fc443763ec6deb175437786eae8ad36a22d
SHA256

51c3d0a7f30fcfe890473cb6e7b094f0f755aecfff2e9ce0417d4a703d6307f6
SHA512

ac4401e0656750dfc6701a58ad8eb82d0e8bc4fa9c155eec920107e698899520c0c17818d582051cd2282d6fe95cec9864fc407828df1ae76cb0b07e0952104a
SSDEEP

1536:bpz8+HptZUqIq7es/vKIlrEJkPUgrqQYldvq:bRJp/vzrENlN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c17964b72c3c0019aafe93603afd48a0

Files

c17964b72c3c0019aafe93603afd48a0
.exe windows:4 windows x86 arch:x86

194bd99e9478f9da09cb85ea6935b66e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetEvent
ReleaseMutex
FindResourceExA
FindAtomA
CreateThread
GetLastError
FindVolumeClose
lstrlenA
GetDiskFreeSpaceA
TlsGetValue
Sleep
SearchPathA
FindClose
GetTickCount
GetModuleHandleA
GetCalendarInfoA
CloseHandle
VirtualProtect
DeleteCriticalSection

user32

GetMessageA
GetKeyState
EndDialog
CreateWindowExA
EnableWindow
CreateMenu
DialogBoxParamA
DragDetect
DispatchMessageA
GetUpdateRect
GetScrollBarInfo
CopyImage
IsIconic
CloseWindow

msdmo

DMOEnum
DMORegister
DMOGetName
DMOUnregister
DMOGetTypes

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE