ARTeam IconChanger[.]exe | Triage

Sharing

General

Target

ARTeam IconChanger.exe
Size

9KB
MD5

c07deeaec6489437e2dd07c444aca614
SHA1

88133a33a7f2cbc95445718521027c84bd2ffc2c
SHA256

54d6bd8495e9b3fb3348e684b98e3e9de01643008afe8cddd541546e114c32da
SHA512

0ef4ad142ff38b359d95527a4a76890cc551210b8c54d26189adda45bde4679f31cebe5e2a82cd6ab9f0cb9878fc9714ee86fa7f97160948724927256013c734
SSDEEP

96:VLJLUKvPwq0v6b1ktjlokPhzrk6gcgUPtboynCP8cXI:VdL1vFT1yo03gcgUP1oyna34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ARTeam IconChanger.exe

Files

ARTeam IconChanger.exe
.exe windows:4 windows x86 arch:x86

542e46bdd4c61f3cddc5350b72f730bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EndUpdateResourceA
UpdateResourceA
SetFilePointer
BeginUpdateResourceA
CopyFileA
lstrcatA
GetFileSize
ReadFile
CloseHandle
CreateFileA
GetModuleHandleA
GetStartupInfoA

user32

DialogBoxParamA
PostQuitMessage
MessageBoxA
SetDlgItemTextA
GetDlgItem
EnableWindow
EndPaint
GetDlgItemTextA
EndDialog
LoadIconA
SendMessageA
DestroyWindow
BeginPaint
InvalidateRect
SendDlgItemMessageA

comdlg32

GetOpenFileNameA

shell32

ExtractIconA

msvcrt

realloc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
malloc
free

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ