a17524b2cd919a0ea9b3f96c6974ae70N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a17524b2cd919a0ea9b3f96c6974ae70N.exe
Size

171KB
MD5

a17524b2cd919a0ea9b3f96c6974ae70
SHA1

00d8c2740ec9e9d571cc35a3f973448faa9e6fe2
SHA256

bef9a40d4b5ad182a49598341edab7c4009bb64dc16842659bbfcbea37160155
SHA512

e43da06bc886e399c549895ea93910803b13ef9185ea52ce8c3c8ca34137f672f6489320302e0679285d4c0ed2cf8c96da4592963ecb614698f4b95ee6d18155
SSDEEP

3072:sCx969mf1oCBEyUmY8Hb6smCDpDjL0dbKKHwYLWekmRaMBQoVqy8j2GEctsMYDC9:sCzn9BVUmFH5hpDiqY/LHVl8yhxJgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a17524b2cd919a0ea9b3f96c6974ae70N.exe

Files

a17524b2cd919a0ea9b3f96c6974ae70N.exe
.dll windows:4 windows x86 arch:x86

0da51f557344ef08d337e9c032c1a95a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord389

msvcrt

memcpy

user32

wsprintfA

advapi32

AdjustTokenPrivileges

ws2_32

htons

shlwapi

StrStrIA

ole32

CoInitializeSecurity

oleaut32

SysFreeString

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

netapi32

Netbios

Exports

Exports

GetColor
InputFile
PrintFile

Sections

.text
Size: 163KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE