00172091df0d0f180cd5d4a3671301b0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00172091df0d0f180cd5d4a3671301b0N.exe
Size

7KB
MD5

00172091df0d0f180cd5d4a3671301b0
SHA1

8aebd4edbc1bca1683207ad24e856debc6a86db0
SHA256

85dc3b609edc1097139c0a70c9c0bf240e962e82b6148396fd982d6296156ee1
SHA512

3ab7353255fa276a3c7e4bd31cedfa95932a02d7b8df874a55e0a2c9f69336e38fc7b1a0eaa6390ec3c33b34f73df9fa788a9453eaaa3bc6931e0360d213abed
SSDEEP

96:b4X1c6fXkkZSBBUSilnzmnVGDiWlokrwxY26uU0avPDe:bA1ckk3BTilzUPzkrwxYooDe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00172091df0d0f180cd5d4a3671301b0N.exe

Files

00172091df0d0f180cd5d4a3671301b0N.exe
.exe windows:4 windows x86 arch:x86

cbf47572e8cb446c01bd5522c7d7f827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE