17d639117667fe5585ab85cf384cfb7d

Sharing

Copy URL

Twitter E-mail

General

Target

17d639117667fe5585ab85cf384cfb7d
Size

260KB
MD5

17d639117667fe5585ab85cf384cfb7d
SHA1

8f0e9d243b9b15926888284cdd2499572dfdacf5
SHA256

48d7ffde112f0eb4eb1acd7f36285504119b18e4f2bbbd0a55a328a709640711
SHA512

ed5e00e9aaab4057a7662c03511b7fb344b48d86ed4abdbc5757bce9bc27534e920d90169078faecef11fc052bceca9f76711ed1b82af2632d8dbe6c6075dacd
SSDEEP

6144:OtX21Y7+PO6hIKxeYBy4GPIRMKFpIq7EbjkUvudrhTl:MhIhIKxeRHPI7FpwbjkMWhTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17d639117667fe5585ab85cf384cfb7d

Files

17d639117667fe5585ab85cf384cfb7d
.exe windows:4 windows x86 arch:x86

1dd3af5a7c39a505d5c1756e3f30a4aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
HeapDestroy
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GlobalFree
FatalAppExitW
WideCharToMultiByte
CreateThread
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
lstrcmpiW
GetCurrentThreadId
SetLastError
FlushInstructionCache
OpenEventW
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryExW
LocalFree
FormatMessageW
lstrlenW
HeapAlloc
GetProcessHeap
RaiseException
HeapFree
GetUserDefaultLangID
FindFirstFileW
FindClose
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
LocalAlloc
GetVersion
GetProcAddress

user32

MessageBoxW
IsWindow
MapWindowPoints
GetDlgItem
GetTopWindow
SetDlgItemTextW
ShowWindow
ScreenToClient
SetWindowPlacement
GetWindowPlacement
GetClientRect
GetWindowRect
GetWindow
SetClipboardData
OffsetRect
ReleaseCapture
GetCapture
SetCapture
CopyRect
IsRectEmpty
InflateRect
DrawTextW
EndDialog
DestroyWindow
MapDialogRect
UnregisterClassA
GetSystemMetrics
GetParent
CloseClipboard
CallNextHookEx
GetFocus
DefWindowProcW
SetWindowsHookExW
GetDC
ReleaseDC
GetClassNameW
RedrawWindow
PtInRect
SetRectEmpty
SetCursor
GetCursorPos
BeginPaint
EndPaint
PostMessageW
InvalidateRect
SetTimer
KillTimer
GetDlgCtrlID
DrawFocusRect
CallWindowProcW
GetWindowDC
IsCharAlphaNumericW
DrawIconEx
GetTabbedTextExtentW
SetForegroundWindow
DrawStateW
TabbedTextOutW
SetFocus
CreateWindowExW
IsWindowEnabled
GetKeyState
OpenClipboard
EmptyClipboard
GetActiveWindow
GetNextDlgTabItem
UnhookWindowsHookEx
SetWindowPos
MoveWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
SystemParametersInfoW
DestroyIcon
LoadImageW
DialogBoxParamW
SetWindowLongW
GetSysColor
LoadCursorW

gdi32

Polygon
ExtCreatePen
SetROP2
GetBkColor
SetViewportOrgEx
SetTextAlign
TextOutW
GetTextExtentExPointW
CreateCompatibleDC
SetTextColor
CombineRgn
CreateRectRgn
RoundRect
GetClipRgn
SelectClipRgn
BitBlt
PtInRegion
CreateRectRgnIndirect
CreateCompatibleBitmap
DeleteDC
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
SetBkMode
GetTextMetricsW
SelectObject
GetStockObject
GetObjectType
GetObjectW
CreateSolidBrush
CreateFontIndirectW
CreatePen
DeleteObject

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CreateStreamOnHGlobal

oleaut32

SysStringLen
VarBstrCmp
VariantClear
DispCallFunc
GetErrorInfo
SysFreeString
SysAllocStringLen
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SysAllocString
SafeArrayCreate
SafeArrayDestroy
VariantInit
SysAllocStringByteLen
SysStringByteLen

shlwapi

StrChrW
ColorAdjustLuma

comctl32

ImageList_GetImageCount
ImageList_Create
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent
ImageList_GetIcon
InitCommonControlsEx
ImageList_Destroy

msimg32

GradientFill

msoert2

PszAllocA

iaspolcy

DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YqVRuz
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sa
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UFR
Size: 512B - Virtual size: 307B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aUI
Size: 1024B - Virtual size: 819B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Q
Size: 1024B - Virtual size: 791B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dd3af5a7c39a505d5c1756e3f30a4aa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

msoert2

iaspolcy

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.YqVRuz Size: 2KB - Virtual size: 1KB

.sa Size: 2KB - Virtual size: 2KB

.UFR Size: 512B - Virtual size: 307B

.aUI Size: 1024B - Virtual size: 819B

.data Size: 212KB - Virtual size: 306KB

.Q Size: 1024B - Virtual size: 791B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.YqVRuz
Size: 2KB - Virtual size: 1KB

.sa
Size: 2KB - Virtual size: 2KB

.UFR
Size: 512B - Virtual size: 307B

.aUI
Size: 1024B - Virtual size: 819B

.data
Size: 212KB - Virtual size: 306KB

.Q
Size: 1024B - Virtual size: 791B

.rsrc
Size: 10KB - Virtual size: 10KB