17c3d74e3c0645edb4b5145335b342d2929c92dff856cca1a5e79fa5d935fec2

Sharing

Copy URL

Twitter E-mail

General

Target

17c3d74e3c0645edb4b5145335b342d2929c92dff856cca1a5e79fa5d935fec2
Size

180KB
MD5

fb6ca1cd232151d667f6cd2484fee8c8
SHA1

f7bb52767afd2cd32ede8b5f83012eb99ba1ce28
SHA256

17c3d74e3c0645edb4b5145335b342d2929c92dff856cca1a5e79fa5d935fec2
SHA512

aeb58836e6901dd1a3c9f10631abe562993e70b4dc589ba2aec34b1ca978f3bcd782611c5d51c2ec1b475a7cc0e8a97f53432572d4fa2ccb31a6cfff1497cbf1
SSDEEP

3072:gzWgfLlUc7CIJ1tkZaQyjhOosc8MKi6KDXnLCtyAR0u1cZM6:gdLl4wkZa/UDiD7ukst136

Score

N/A

Malware Config

Signatures

Files

17c3d74e3c0645edb4b5145335b342d2929c92dff856cca1a5e79fa5d935fec2
.exe windows x86

0fcea3af550ad0a893e93808dccf17f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorDacl
RegisterEventSourceA
RegQueryInfoKeyA
GetSidSubAuthorityCount
RegSetValueExA
RegDeleteKeyA
GetKernelObjectSecurity
RegCloseKey
RegQueryValueA
RegLoadKeyA
GetSidSubAuthority
RegConnectRegistryA
LookupPrivilegeValueA
InitiateSystemShutdownA
CreateProcessAsUserA
GetSidIdentifierAuthority
OpenThreadToken
LsaQueryInformationPolicy
RegQueryValueW
EncryptFileW
RegSetValueW
MakeAbsoluteSD
RegOpenKeyExA
RegCreateKeyExW
AddAce
SetNamedSecurityInfoW
OpenEventLogW
GetUserNameW
SetSecurityDescriptorSacl
MakeSelfRelativeSD
RegFlushKey
InitializeSecurityDescriptor
InitializeAcl
SetEntriesInAclA
GetSidLengthRequired
RegSetValueA
SetEntriesInAclW
GetAclInformation

user32

DrawIconEx
IsDialogMessageA
OffsetRect
PostThreadMessageW
DialogBoxParamA
GetLastActivePopup
GetGUIThreadInfo
DrawStateA
IsWindow
OpenClipboard
InSendMessage
FindWindowW
IsMenu
EnumDisplaySettingsA
DrawAnimatedRects
FrameRect
SetMenuDefaultItem
GrayStringW
CreateDialogIndirectParamW
ClientToScreen
GetParent
TranslateMDISysAccel
CreateDesktopW
ShowCaret
GetProcessWindowStation
TrackPopupMenu
IntersectRect
DialogBoxIndirectParamA
DefWindowProcA
ReuseDDElParam
NotifyWinEvent
SetClipboardData
CloseClipboard
DdeDisconnect
GetClassNameA
GetCaretPos
CharLowerW
GetWindowModuleFileNameA
IsWindowVisible
wvsprintfA
ModifyMenuA
SendDlgItemMessageW
SetCaretBlinkTime
LoadMenuW
GetMenuState
DrawTextExA
ChangeDisplaySettingsW
CreateWindowExW
GetCapture
CreatePopupMenu
SetMenu
CharUpperBuffW
DrawStateW
LoadImageA
GetScrollPos
GetDlgItem
GetClipboardFormatNameW
ValidateRgn
GetWindowThreadProcessId
GetClassInfoExW
DdeAccessData
ShowWindow
GetKeyboardLayout
GetClassInfoW
SetCaretPos
LoadCursorA
FillRect
LoadMenuA
mouse_event
ModifyMenuW
InvalidateRgn
GetMenuItemID
IsIconic
OemToCharA
LoadCursorFromFileW
RegisterWindowMessageA
DispatchMessageW
GetCursorPos
CharPrevA
GetWindowWord

imm32

ImmGetProperty
ImmGetCandidateListCountA
ImmGetCompositionStringA
ImmSetConversionStatus
ImmSetOpenStatus
ImmCreateContext
ImmGetOpenStatus
ImmNotifyIME
ImmInstallIMEA
ImmGetContext
ImmDestroyContext
ImmSimulateHotKey
ImmConfigureIMEA
ImmAssociateContext

rasapi32

RasDialA
RasGetProjectionInfoA

kernel32

WriteFileGather
PulseEvent
GetLongPathNameA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fcea3af550ad0a893e93808dccf17f4

Headers

File Characteristics

Imports

advapi32

user32

imm32

rasapi32

kernel32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 3.7MB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 3.7MB

.rsrc
Size: 104KB - Virtual size: 100KB