17d11cb73d8b121267c02038d1e7e72760c970bee04318faf94dd1bf52c7ff00

General

Target

17d11cb73d8b121267c02038d1e7e72760c970bee04318faf94dd1bf52c7ff00
Size

4.8MB
MD5

b3d5d341b7af919db698f8b32005cc20
SHA1

9ceb5bd57c90fc3dccb4c77330b59261d51d4a14
SHA256

17d11cb73d8b121267c02038d1e7e72760c970bee04318faf94dd1bf52c7ff00
SHA512

0662e9cfe28e3fdf8f141c4c47a8e7e5992a5a636ddc62d00a31339553ec449118dcc6e351c365567563faa24d8e886895e5a8a4c324599c3ee73ad2b22ac572
SSDEEP

98304:pUbLMYkndUy/FSU4FEiOhT4CUkdqwhxY+33RjEptwxaf4mW4OjBBP:p0MndH/FNsEiOC1kAw2OH

Score

N/A

Malware Config

Signatures

Files

17d11cb73d8b121267c02038d1e7e72760c970bee04318faf94dd1bf52c7ff00
.exe windows x86

3d1ad404fff5aced37848e93788ba257

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckDlgButton
SetForegroundWindow
DestroyMenu
DefWindowProcW
PtInRect
TranslateMessage
PostQuitMessage
SetFocus
IsWindowVisible
BeginPaint
GetCursorPos
SetCursor
IsWindow
UnregisterClassA
GetSubMenu
GetFocus
GetWindowTextW
RegisterClassW
GetActiveWindow
MoveWindow
DestroyWindow

kernel32

lstrcmpiW
DeleteCriticalSection
GlobalFree
SetFilePointer
InterlockedExchange
RtlUnwind
SetUnhandledExceptionFilter
IsDebuggerPresent
ResetEvent
FormatMessageW
GetEnvironmentStrings
SetEvent
CreateEventW
GetFileType
Sleep
GetCommandLineW
HeapCreate
VirtualQueryEx
OpenEventA
_llseek

gdi32

CreatePalette
CreateSolidBrush
GetTextExtentPoint32W
CreateRectRgn
SetROP2
SaveDC

advapi32

LookupPrivilegeValueW
ImpersonateLoggedOnUser
AddAccessAllowedAce
RegQueryInfoKeyA
RegEnumValueA
RegisterEventSourceW
GetSecurityDescriptorLength
ChangeServiceConfigW
CloseServiceHandle
CryptSetKeyParam
CryptExportKey

Sections

.cod
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdat
Size: 67KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d1ad404fff5aced37848e93788ba257

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

Sections

.cod Size: 4.0MB - Virtual size: 4.0MB

.rdat Size: 67KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 2KB

.rsrc Size: 323KB - Virtual size: 322KB

.cod
Size: 4.0MB - Virtual size: 4.0MB

.rdat
Size: 67KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 323KB - Virtual size: 322KB