c217fe05dbdd8e33a1875f529c7e560a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c217fe05dbdd8e33a1875f529c7e560a
Size

165KB
MD5

c217fe05dbdd8e33a1875f529c7e560a
SHA1

ba822c6676447e8cd1ef9622641730f96ef50975
SHA256

e1ccf0bd3e1397bd8b06a41dd5a36ecb0e4f0175c91702d8e84db68a18fff889
SHA512

6e8943f57401e3cec81e7639753a412c96a2223a3ead12317157893299d3f54f5f69c47428726c2ef2081bc9c6fdcbc98ab0f2fe8aad7136fb7c77f7e750ca88
SSDEEP

3072:RF8sPZpxGrYn3+KNaAbz09SpcoWrpMi+nBZwB5OY1iHORUNbIjuILF7CFlI8mbU8:RurajJI9ScMlBZk8Y1QOOb2JLFMlaAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c217fe05dbdd8e33a1875f529c7e560a

Files

c217fe05dbdd8e33a1875f529c7e560a
.exe windows:4 windows x86 arch:x86

ce78ceac0796e021957e67521b0c3817

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetDeviceCaps
GetTextMetricsA
SelectObject
GetTextExtentPointA
DeleteObject
CreateFontIndirectA

kernel32

GetCPInfoExW
WideCharToMultiByte
GetEnvironmentStrings
GetOEMCP
MultiByteToWideChar
HeapSize
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
GetThreadLocale
InterlockedExchange
QueryPerformanceCounter
InterlockedIncrement
GetVersionExA
lstrlenW
GetTickCount
DeleteCriticalSection
GetFileType
EnumResourceTypesA
GetLocaleInfoA
FreeEnvironmentStringsA
EnterCriticalSection
InitializeCriticalSection
LoadLibraryW
GetACP
TlsSetValue
WriteFile
GetLastError
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
GetCPInfo
RaiseException
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId

ole32

CoGetMalloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ