17a974e84d5d701da1803e237375a600

Sharing

Copy URL Twitter E-mail

General

Target

17a974e84d5d701da1803e237375a600
Size

667KB
MD5

17a974e84d5d701da1803e237375a600
SHA1

3d118673307b9fa602eb670369d6ea6bc770a2e0
SHA256

448588a3f105ca81b4e4060cd795fe3af02cef3c8d8325fbaab5a98f7b429b23
SHA512

d95579294cf40336328700dd75bedb1bb3b83920feb85b7e01cf92205977a4f7c857cb227af032f4b2e179eaee150c61d5593f0b739610697111668ea222d29e
SSDEEP

12288:4NJ7XiQ1Y7jcrkckzTHuox+osEGZ/bOlWnIwHaQ1IfwQg4BXbZEnXSEeMzOWY5oF:i7X1dCuoAosXhqzttXbyLOTaP4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a974e84d5d701da1803e237375a600

Files

17a974e84d5d701da1803e237375a600
.exe windows:4 windows x86 arch:x86

4dbcc79c2cc00882338d48f13c233864

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetClassLongA
GetClassInfoExA
CallMsgFilterA
SetClipboardViewer
GetClassInfoW
DdeSetUserHandle
DrawIcon
CharUpperBuffA
GetScrollRange
GetDialogBaseUnits
SetClassLongW
SetDeskWallpaper
GetMenuStringA
RegisterClassExA
GetParent
RegisterClassA
GetSystemMenu
IsChild
DrawAnimatedRects
CheckRadioButton
CopyImage
LoadMenuW
IsCharAlphaW
EnableScrollBar
CopyAcceleratorTableA
SendMessageTimeoutA
GetInputState

gdi32

GetSystemPaletteEntries
GetDeviceGammaRamp
GetPaletteEntries
ColorMatchToTarget
IntersectClipRect
PlayMetaFileRecord
gdiPlaySpoolStream
GetLogColorSpaceA
OffsetRgn
Pie
SetGraphicsMode
AbortPath
InvertRgn
EnumICMProfilesW
SetTextJustification
GetWorldTransform
FrameRgn
ResizePalette
GdiPlayScript
EndPage
CopyEnhMetaFileA
EnumObjects
SetEnhMetaFileBits
CreateScalableFontResourceA

kernel32

GetCurrentThreadId
SetHandleCount
GetStringTypeW
GetModuleFileNameW
IsBadReadPtr
GetStdHandle
GetLastError
CloseHandle
SetLastError
WaitNamedPipeW
FreeEnvironmentStringsA
GetACP
EnumTimeFormatsW
InitializeCriticalSection
OutputDebugStringW
InterlockedExchange
GetProcAddress
FindAtomA
EnterCriticalSection
CreateFileA
TlsAlloc
TlsGetValue
OpenMutexA
ExitProcess
FreeLibrary
IsValidLocale
GetStringTypeA
HeapReAlloc
GetLocaleInfoW
GetCurrentThread
EnumSystemLocalesA
GetCalendarInfoW
VirtualAlloc
HeapFree
SetConsoleCtrlHandler
MultiByteToWideChar
UnhandledExceptionFilter
GetStringTypeExW
lstrlenW
LoadLibraryA
WriteFile
GlobalReAlloc
GetSystemTimeAsFileTime
CompareStringA
RaiseException
GetConsoleMode
GetModuleHandleA
OutputDebugStringA
GetStartupInfoA
ReadFile
QueryPerformanceCounter
GetOEMCP
GetConsoleCP
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WriteConsoleW
LeaveCriticalSection
GetModuleFileNameA
WideCharToMultiByte
SetEnvironmentVariableA
IsDebuggerPresent
GetVersionExA
lstrlenA
GetTimeFormatA
FindResourceExW
MoveFileExA
GetTickCount
SetFilePointer
DebugBreak
LoadLibraryW
HeapValidate
GetTimeZoneInformation
CreateMutexA
HeapAlloc
CreateDirectoryA
GetEnvironmentStrings
LCMapStringW
WaitCommEvent
GetCPInfo
DeleteCriticalSection
CompareStringW
InterlockedDecrement
UnlockFileEx
WriteConsoleA
DeleteFileA
FlushFileBuffers
FreeEnvironmentStringsW
GetCurrentProcessId
IsValidCodePage
SetUnhandledExceptionFilter
TerminateProcess
InterlockedIncrement
LoadLibraryExW
TlsFree
GetLocaleInfoA
SetConsoleWindowInfo
VirtualFree
SetStdHandle
RtlUnwind
GetFileType
GetProcessHeap
TlsSetValue
GetCurrentProcess
GetConsoleOutputCP
GetDateFormatA
GetCommandLineA
VirtualQuery
GetUserDefaultLCID
LCMapStringA

comdlg32

GetFileTitleA
ChooseFontW
ReplaceTextW
ChooseColorA

advapi32

CryptDecrypt
LookupPrivilegeNameA
CryptDuplicateKey
CryptHashData
CreateServiceW
RegEnumKeyExA
CryptGetProvParam
CryptSetKeyParam
InitializeSecurityDescriptor
RegConnectRegistryA
RegQueryMultipleValuesW
RegSetValueExA
CryptEnumProviderTypesW
RegDeleteKeyW
InitiateSystemShutdownA

comctl32

InitCommonControlsEx

wininet

InternetLockRequestFile
FindFirstUrlCacheEntryW
UnlockUrlCacheEntryStream
InternetTimeFromSystemTimeA
RegisterUrlCacheNotification
FtpSetCurrentDirectoryA
InternetOpenUrlW
CommitUrlCacheEntryA

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dbcc79c2cc00882338d48f13c233864

Headers

File Characteristics

Imports

user32

gdi32

kernel32

comdlg32

advapi32

comctl32

wininet

Sections

.text Size: 302KB - Virtual size: 301KB

.rdata Size: 48KB - Virtual size: 72KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 302KB - Virtual size: 301KB

.rdata
Size: 48KB - Virtual size: 72KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 3KB - Virtual size: 3KB