17ff50983673481cdba0c663ccdc9404f7153941f50412dfe1a4c89adbe9512b

Sharing

Copy URL Twitter E-mail

General

Target

17ff50983673481cdba0c663ccdc9404f7153941f50412dfe1a4c89adbe9512b
Size

736KB
MD5

831b6263f5700f78643b47f911b4d8f2
SHA1

53620acebecd20e3128ed87e3def561ccdd20765
SHA256

17ff50983673481cdba0c663ccdc9404f7153941f50412dfe1a4c89adbe9512b
SHA512

6d05aeb8d58bdb552720e137c726b1ffaea25ae3c3c5febebf069232d2d1a7c58e6959e23ccba98e13a72d33ba91619f82c223859fcca1488d8c9a41ae3ae49b
SSDEEP

12288:ULMMVeH8ef1w7Ti/N60glmpSVu/w2LGMc6c1nuMBWW8eS:ULMUy1w7TJB2g//7nT

Score

N/A

Malware Config

Signatures

Files

17ff50983673481cdba0c663ccdc9404f7153941f50412dfe1a4c89adbe9512b
.exe windows x86

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_GetImageCount
CreateToolbarEx
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_GetIconSize
ImageList_SetBkColor
PropertySheetW
ImageList_LoadImageW
ImageList_Destroy
ImageList_Write
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_Remove
ImageList_DrawEx
ImageList_SetDragCursorImage

msvcrt

wcscspn
_time64
__p__commode
_winminor
isdigit
memmove
_filelengthi64
setlocale
_ecvt
fopen
_ismbblead
_mktemp
_i64tow
??_V@YAXPAX@Z
setvbuf
_CItanh
_wgetcwd
_ismbstrail
ldiv
acos
_rmdir
__set_app_type
longjmp
??0exception@@QAE@XZ

kernel32

BackupRead
FormatMessageW
CreateJobObjectW
MoveFileWithProgressA
HeapCreate
QueryPerformanceCounter
GetComputerNameA
OpenMutexA
GetConsoleCursorInfo
WriteConsoleW
GetComputerNameExW
GetCompressedFileSizeA
GetComputerNameExA
FindNextFileW
GetModuleHandleW
AreFileApisANSI
GetCurrencyFormatA
IsProcessorFeaturePresent
VirtualAlloc
EnumResourceNamesW
GetSystemTime
SignalObjectAndWait
DeleteFileA
SetConsoleCP
GetStartupInfoA
Sleep
GetComputerNameW
WaitForSingleObjectEx
FindFirstFileExW
SetConsoleScreenBufferSize
CopyFileW
SetUnhandledExceptionFilter
WritePrivateProfileStructW
CommConfigDialogW
GetCurrentThreadId
Module32NextW
ReplaceFileA
CopyFileA

advapi32

SetNamedSecurityInfoW
LsaRetrievePrivateData
AccessCheckByType
SystemFunction031
RegRestoreKeyA
RegCreateKeyExW
SetTokenInformation
GetTraceEnableFlags
GetSecurityInfo
InitializeSecurityDescriptor
TraceMessage
ReportEventA
CreateRestrictedToken
AreAllAccessesGranted
GetKernelObjectSecurity
CryptDeriveKey
DuplicateTokenEx
ImpersonateSelf
DeleteService
RevertToSelf
GetServiceDisplayNameA
CreateProcessAsUserA
SetSecurityInfo
LookupAccountSidA
FreeSid
RegQueryValueExA
SetFileSecurityW
CryptVerifySignatureW
SetServiceStatus
StartTraceW
SystemFunction029
CryptEnumProvidersA
SystemFunction012
AbortSystemShutdownA
CommandLineFromMsiDescriptor

winspool.drv

GetJobW
DeletePrinter
GetPrinterDriverA
EnumPortsW
DeletePrinterDataW
EnumPrintersA
SetFormW
AddFormW
DeletePrinterDataExW
EnumPrintProcessorDatatypesW
GetPrintProcessorDirectoryA
SetPrinterDataExW
AddMonitorA
FindClosePrinterChangeNotification
ClosePrinter
StartPagePrinter
EndDocPrinter
EnumPrinterDataW
EnumPortsA
GetJobA
WritePrinter
AddPrintProcessorW
GetPrintProcessorDirectoryW
GetPrinterDriverDirectoryW
SetPrinterDataW

crypt32

CryptVerifyCertificateSignature

Sections

.text
Size: 25KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 550KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e3f0a552d98f1e49b0f26b16ac6e40e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

kernel32

advapi32

winspool.drv

crypt32

Sections

.text Size: 25KB - Virtual size: 413KB

CRT Size: 550KB - Virtual size: 938KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 226B

.text
Size: 25KB - Virtual size: 413KB

CRT
Size: 550KB - Virtual size: 938KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 226B