17a9d544bd329093900c71dc8343d48f

Sharing

Copy URL Twitter E-mail

General

Target

17a9d544bd329093900c71dc8343d48f
Size

518KB
MD5

17a9d544bd329093900c71dc8343d48f
SHA1

618bccfd1dc96d39f72ffc299385077ffac9d7a5
SHA256

11094e8b54b70ab8e023639929ab534e11a31e9d9dfa77a9770b7bb83af76e6d
SHA512

1ccb8e18017ae1189957c6eca0cb3d81bff44e4465e1d1587a9669ce5f0ec47e19a406d08510fe0d2b15124c1296002ff10f50fa5decfd0f3b432eb15ed7eadf
SSDEEP

12288:lRk2zmVnogSmaZ0lhYc0egVJa8froAsa:lXzsno3maSWcgaDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a9d544bd329093900c71dc8343d48f

Files

17a9d544bd329093900c71dc8343d48f
.exe windows:4 windows x86 arch:x86

5da777f1e91f3693d6df8cddf7a508f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
CryptSetKeyParam
CryptAcquireContextW
RevertToSelf
CryptGenRandom
CryptContextAddRef
RegSetValueW
RegCreateKeyW
InitializeSecurityDescriptor
CryptDestroyHash
RegReplaceKeyA
CryptSetProviderW
RegLoadKeyA
CryptVerifySignatureW
ReportEventW
RegConnectRegistryA
RegQueryMultipleValuesW
CryptEnumProviderTypesA
CryptAcquireContextA
LookupPrivilegeValueW
CryptSignHashA
RegSaveKeyW
RegFlushKey
GetUserNameA

comctl32

CreatePropertySheetPageW
ImageList_GetIcon
ImageList_Draw
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Destroy
ImageList_DrawEx
ImageList_DragEnter
ImageList_LoadImageW
ImageList_EndDrag
ImageList_Add
CreatePropertySheetPageA
InitCommonControlsEx
CreateToolbarEx

user32

ShowWindow
CreateWindowExA
OemToCharA
IsWindowEnabled
GetClipboardOwner
CharNextExA
LoadStringA
ModifyMenuA
ShowCaret
EnableWindow
DdeQueryStringW
RegisterClassExA
DefDlgProcA
EnumDisplaySettingsExW
EnumDisplayMonitors
DrawFrame
OpenWindowStationW
GetNextDlgGroupItem
GetDoubleClickTime
GetMenuItemInfoW
MapVirtualKeyExA
DefWindowProcW
DestroyWindow
RegisterClassA
GetMenuBarInfo
SendIMEMessageExW
ChangeMenuW
CharPrevW
GetMenuCheckMarkDimensions
MessageBoxA
CreateDialogParamA

comdlg32

GetOpenFileNameA
ChooseFontA

gdi32

SetPixelV
ChoosePixelFormat
SetWorldTransform
GetRgnBox
Escape
GetBkMode
GetPath
FlattenPath
GetRandomRgn
WidenPath
GetDeviceGammaRamp
SetMapMode
EnumFontFamiliesA
SetBrushOrgEx

kernel32

GetFileAttributesExW
VirtualFree
GetTickCount
FreeEnvironmentStringsW
WriteConsoleW
EnumSystemLocalesA
FormatMessageW
GetVersionExA
UnhandledExceptionFilter
TlsAlloc
GetConsoleOutputCP
GetEnvironmentStringsA
QueryPerformanceCounter
GetStartupInfoA
ReadConsoleOutputA
GlobalCompact
SetConsoleCtrlHandler
GetLocaleInfoW
GetConsoleMode
IsValidLocale
SetLastError
VirtualAlloc
GetCurrentThread
CompareStringW
FindFirstFileA
GetCurrentThreadId
GetUserDefaultLCID
GetModuleFileNameA
HeapAlloc
GetLastError
LoadLibraryA
RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
GetEnvironmentStringsW
TerminateProcess
GetEnvironmentStrings
FreeLibrary
GetTimeFormatA
CreateToolhelp32Snapshot
WriteConsoleA
CloseHandle
OpenSemaphoreW
ReadFile
SetEnvironmentVariableA
HeapFree
MultiByteToWideChar
WriteFile
SetComputerNameW
OpenMutexA
GetFileType
TlsFree
WriteConsoleInputA
Sleep
GetModuleHandleA
GetCommandLineA
GetTimeZoneInformation
FreeEnvironmentStringsA
IsDebuggerPresent
DeleteAtom
InitializeCriticalSection
LCMapStringA
GetConsoleCP
GetProcAddress
GetProcessHeap
CreateMutexA
EnterCriticalSection
RemoveDirectoryA
GetStringTypeA
GetCPInfo
InterlockedIncrement
FindNextFileA
SetHandleCount
LeaveCriticalSection
SetUnhandledExceptionFilter
GetPrivateProfileSectionNamesW
GetStringTypeW
HeapDestroy
CreateDirectoryA
GetLocaleInfoA
GetCommandLineW
WideCharToMultiByte
TlsGetValue
IsValidCodePage
VirtualQuery
GetModuleFileNameW
GetCurrentProcessId
HeapSize
GetConsoleScreenBufferInfo
CreateFileA
GlobalSize
HeapCreate
GetCurrentProcess
FlushFileBuffers
SetFilePointer
SetStdHandle
TlsSetValue
HeapReAlloc
GetStdHandle
OpenSemaphoreA
ExitProcess
GetOEMCP
GetWindowsDirectoryW
GetACP
DeleteCriticalSection
InterlockedDecrement
GetStartupInfoW
GetDateFormatA
SetEndOfFile
LCMapStringW
CompareStringA

Sections

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5da777f1e91f3693d6df8cddf7a508f0

Headers

File Characteristics

Imports

advapi32

comctl32

user32

comdlg32

gdi32

kernel32

Sections

.text Size: 340KB - Virtual size: 340KB

.rdata Size: 43KB - Virtual size: 71KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 340KB - Virtual size: 340KB

.rdata
Size: 43KB - Virtual size: 71KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 29KB - Virtual size: 29KB