17f9e123b62bac12b1a8c93ece8e6824c8fce289018c4f6811b0aa1c99065233

Sharing

Copy URL Twitter E-mail

General

Target

17f9e123b62bac12b1a8c93ece8e6824c8fce289018c4f6811b0aa1c99065233
Size

111KB
MD5

7c2167401bd6e0b1081a3913774fd4d0
SHA1

1c8e38aede7943c8d775d7ffaa66bf18595f1c95
SHA256

17f9e123b62bac12b1a8c93ece8e6824c8fce289018c4f6811b0aa1c99065233
SHA512

891b3aaffbc7130bd7004e938114bbe6690c546a9f6191905ec6e94aa52ba073559b5632a49bcf116fd239c3f0bd7f1e62d048e47b092f9513ff67d4642140b0
SSDEEP

1536:IPDM1xktjR9VMKQ6STpGthgi4bo9iI8k1Yvnjk/nmRqRHn6CxVBpPU6g8vW:ozBR9+kSTRi4bo9r8gMQm6HfHpPUMe

Score

N/A

Malware Config

Signatures

Files

17f9e123b62bac12b1a8c93ece8e6824c8fce289018c4f6811b0aa1c99065233
.exe windows x86

d6381ff2e3dc5177ef62e90a85a04ccd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
wcslen
strncmp
signal
_exit
_stricmp
_adjust_fdiv
__setusermatherr
_controlfp
free
fread
calloc
_initterm
fputs
_snprintf
fwrite
strstr
__p__commode
_except_handler3
sinh
_XcptFilter
__getmainargs
__p__fmode
__set_app_type

comdlg32

GetOpenFileNameA

kernel32

TerminateProcess
IsDBCSLeadByte
GetNumberFormatA
GetVersionExW
GetFileType
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
WaitForSingleObject
WideCharToMultiByte
GetCurrentThreadId
lstrcmpA
DeviceIoControl
lstrcpynA
GetTimeZoneInformation
ExpandEnvironmentStringsA

user32

PeekMessageA
EndPaint
PostQuitMessage
SetScrollInfo
LoadCursorA
SetDlgItemTextA
GetSystemMenu
GetIconInfo
GetDlgItem
GetLastActivePopup
CallNextHookEx
OffsetRect
GetSysColor
LoadBitmapA
IsIconic
RemovePropA
ReleaseCapture

advapi32

RegQueryValueA
OpenSCManagerW
RegDeleteKeyW
RegCreateKeyExW
OpenThreadToken
AllocateAndInitializeSid
OpenServiceW
CryptAcquireContextA

gdi32

LPtoDP
GetPixel
CreateMetaFileW
SetWinMetaFileBits
GetCharacterPlacementA
SetViewportExtEx
GetTextExtentPointA
PolylineTo
DPtoLP
AbortDoc
EndDoc
BeginPath
SetROP2
GetObjectType

ole32

DoDragDrop
StgCreateDocfileOnILockBytes
CoCreateGuid
CoRegisterClassObject
CreateBindCtx
IsEqualGUID
CLSIDFromString
CoGetClassObject
ProgIDFromCLSID
RevokeDragDrop
StringFromIID
StgOpenStorage

comctl32

DestroyPropertySheetPage
ImageList_SetBkColor
ImageList_DragLeave
ImageList_GetBkColor
PropertySheetW
InitCommonControls
ImageList_Create
ImageList_GetImageCount
ImageList_DragEnter
ImageList_DrawEx
ImageList_DragShowNolock
CreateStatusWindowA
ImageList_SetDragCursorImage

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6381ff2e3dc5177ef62e90a85a04ccd

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

advapi32

gdi32

ole32

comctl32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 37KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 32KB - Virtual size: 32KB