017ab64b3e5ce4b54d1af57faa1e996a

Sharing

Copy URL Twitter E-mail

General

Target

017ab64b3e5ce4b54d1af57faa1e996a
Size

1.4MB
MD5

017ab64b3e5ce4b54d1af57faa1e996a
SHA1

bc651d1a7c201a95ebacfb5d9bf83fa0a44cc2ef
SHA256

b008dde68a1ae7e922cde92614357a4c167d2bae70cf5d0197556cad68b66417
SHA512

ca2f7c6e40c344b71ecbde4321ef69941c86475c97690471365e8e8b5b0473f818777596764717c9c3f511c658d5b4a33062636b916ea0f994f96f8f9a5bda72
SSDEEP

24576:MvZzN64oH0MaxO7MeztQ7LK/1JoXYGgN9B8ukX2bIA5U56Rr5Vt78S8z:hZQ84CB8ukmbv5U56Rr5j7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017ab64b3e5ce4b54d1af57faa1e996a

Files

017ab64b3e5ce4b54d1af57faa1e996a
.exe windows:4 windows x86 arch:x86

64171e1f57873f65d76594d67b79a092

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
GetTickCount
FreeLibrary
LoadLibraryA
GetModuleHandleA
GlobalAlloc
GlobalFree
lstrcpyA
lstrcatA
GetStartupInfoA
GetPrivateProfileIntA
GetDiskFreeSpaceA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetPrivateProfileStringA
DeleteFileA
CreateFileA
WriteFile
CloseHandle
ReadFile
WritePrivateProfileStringA
SetCurrentDirectoryA
GetProcAddress
GetProfileStringA
OpenFile
_lread
GetModuleFileNameA
GetLastError
_lwrite
GetAtomNameA
GlobalReAlloc
lstrcmpA
AddAtomA
VirtualAlloc
VirtualFree
LocalAlloc
LocalLock
LocalUnlock
LocalFree
_lopen
_llseek
_hread
_lclose
GetFileSize
_lcreat
_hwrite
lstrcpynA
GlobalLock
GlobalUnlock
GlobalSize
lstrlenA

user32

IsWindowVisible
GetWindowWord
BeginPaint
EndPaint
GetScrollRange
IsDlgButtonChecked
GetClipboardData
SetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
RegisterClipboardFormatA
SetScrollRange
SetScrollPos
ScrollWindow
GetDC
ReleaseDC
PostMessageA
SetTimer
KillTimer
ReleaseCapture
SetCapture
GetWindowTextLengthA
SetWindowWord
IsChild
DestroyIcon
DrawIcon
GetClientRect
CheckRadioButton
GetDlgItemTextA
SetDlgItemTextA
SetFocus
EndDialog
SendDlgItemMessageA
WinHelpA
GetDlgItem
EnableWindow
LoadCursorA
SetCursor
InvalidateRect
UpdateWindow
SendMessageA
GetWindowLongA
wsprintfA
DialogBoxParamA
GetFocus
MessageBoxA
GetDlgItemInt
MapWindowPoints
PtInRect
GetCursorPos
GetWindowRect
GetSystemMetrics
SetWindowPos
LoadBitmapA
GetSystemMenu
ModifyMenuA
GetDlgCtrlID
PostQuitMessage
FindWindowA
GetMessageA
TranslateMDISysAccel
TranslateAcceleratorA
IsClipboardFormatAvailable
ClientToScreen
TrackPopupMenu
DestroyMenu
CopyRect
GetSubMenu
RemoveMenu
InsertMenuA
DrawMenuBar
LoadAcceleratorsA
LoadMenuA
LoadIconA
UnregisterClassA
CheckDlgButton
BringWindowToTop
ShowCursor
GetScrollPos
ScrollDC
GetParent
InvertRect
SetWindowTextA
SetWindowLongA
ScreenToClient
FillRect
DrawTextA
RegisterClassA
MessageBeep
GetTopWindow
CreateWindowExA
GetKeyState
DefWindowProcA
EnableMenuItem
GetMenu
GetMenuState
CheckMenuItem
DefFrameProcA
IsWindowEnabled
LoadStringA
GetWindowTextA
CreateDialogParamA
ShowWindow
DestroyWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetSysColor
MoveWindow
DefMDIChildProcA
EnumChildWindows
IsWindow
SetDlgItemInt

gdi32

LineTo
DeleteObject
SelectObject
CreatePen
DeleteDC
BitBlt
CreateCompatibleDC
SetROP2
CloseMetaFile
GetTextExtentPointA
SetBkMode
CreateMetaFileA
TextOutA
CreateFontA
Rectangle
CreateSolidBrush
Polygon
CreateFontIndirectA
Pie
CreateDCA
AbortDoc
EndDoc
EndPage
StartPage
GetDeviceCaps
StartDocA
SetAbortProc
GetStockObject
SetTextColor
SetBkColor
RealizePalette
SelectPalette
GetObjectA
StretchBlt
SetStretchBltMode
CreatePalette
CreateDIBitmap
FloodFill
GetRasterizerCaps
CreateRectRgn
SetViewportOrgEx
EnumFontFamiliesA
SelectClipRgn
MoveToEx

comdlg32

ChooseFontA
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

comctl32

ImageList_GetImageCount
ImageList_Add
ImageList_Create

wininet

FtpCreateDirectoryA
FtpGetFileA
FtpGetCurrentDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpFindFirstFileA
InternetGetLastResponseInfoA
FtpDeleteFileA
InternetFindNextFileA
FtpPutFileA
InternetOpenA
InternetCloseHandle
InternetConnectA

msvcrt

_XcptFilter
_lseek
_creat
_close
_errno
gmtime
_chdir
strncpy
rename
mktime
toupper
_mkdir
_rmdir
_getcwd
_msize
realloc
_strnset
remove
_snprintf
__mb_cur_max
_isctype
_pctype
div
atol
strchr
time
localtime
_splitpath
_findfirst
_findnext
atoi
strncat
sprintf
strstr
_exit
exit
atof
floor
strncmp
_CIpow
malloc
free
_ftol
_ltoa
_itoa
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_ecvt
_gcvt
_strnicmp

Sections

.text
Size: 800KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T�
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64171e1f57873f65d76594d67b79a092

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

wininet

msvcrt

Sections

.text Size: 800KB - Virtual size: 796KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 32KB - Virtual size: 38KB

.rsrc Size: 324KB - Virtual size: 321KB

.T� Size: 232KB - Virtual size: 232KB

.text
Size: 800KB - Virtual size: 796KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 32KB - Virtual size: 38KB

.rsrc
Size: 324KB - Virtual size: 321KB

.T�
Size: 232KB - Virtual size: 232KB