17a675765add99681945441c3bc50bbf[.]bin | Triage

Sharing

General

Target

17a675765add99681945441c3bc50bbf.bin
Size

384KB
MD5

17a675765add99681945441c3bc50bbf
SHA1

0dfb6f344729ea330eabc8eb37ac00d31b8e8c5d
SHA256

5d5a81de55f32a9c686c9981d7ebc3bc5212fa09a3f1700993ce81fbf347826e
SHA512

b6df83fa2f1672d21409c4fa79fbba9140566633fb46a21952cdf0f12a6638eed237e9c487fadb65fc797eae3d5796ee4f7c99a8c00518352fed63fcd2bf9196
SSDEEP

6144:XtYtqRv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808Os:bR5GdCs0O1BkBqwtjFc0fTjZOT59ozIu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a675765add99681945441c3bc50bbf.bin

Files

17a675765add99681945441c3bc50bbf.bin
.exe windows:4 windows x86 arch:x86

ecd5d0160913051b4f26a40a56994218

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetModuleHandleA
GlobalLock
CreateEventA
FindClose
DisconnectNamedPipe
GetACP
LocalFree
GetStdHandle
LoadLibraryExA
IsDebuggerPresent
GetConsoleCP
CreateFileA
CloseHandle
GetFullPathNameA
FreeEnvironmentStringsA
GetLastError
LocalUnlock
CreateFileMappingA
IsBadReadPtr

user32

GetMessageA
DefWindowProcA
EmptyClipboard
PostMessageA
IsWindow
ScrollWindow
GetIconInfo
CreateDialogParamA
DispatchMessageA
EndDialog
GetDlgItem
SetFocus
GetDC
DrawIconEx

uxtheme

EnableTheming
GetThemeColor
DrawThemeIcon
GetThemeMetric
CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ