17c1656f5ed64d77a5b9658205e9facf

General

Target

17c1656f5ed64d77a5b9658205e9facf
Size

51KB
MD5

17c1656f5ed64d77a5b9658205e9facf
SHA1

7c623e40a5c0342adff6885225a5aa2a79bb77ac
SHA256

02dc016e07bab9fc7c1c742621b43a11b1f7abd50ef816b086dda2e5b2b907ae
SHA512

2a78e7ec975563edeaa778228d59619dae1b60da0b632dd6c6ce742229782fd9299494cbdeb0999f69376d6b36551242f611aed2c5b00b6e35c17c02da4fbf9a
SSDEEP

768:N8t04ljpv2y6nRp8ROlo3K78t04ljpv2y6nRp8ROlo3K:mt04XvpC8Rmo6At04XvpC8Rmo6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c1656f5ed64d77a5b9658205e9facf

Files

17c1656f5ed64d77a5b9658205e9facf
.exe windows:4 windows x86 arch:x86

cc877af1f2f4c887682590e3f95bfc0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
WriteFile
DeleteFileA
ReadFile
CloseHandle
GetFileSize
CreateFileA
CreateThread
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetACP
GetCPInfo
RtlUnwind
CopyFileA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
Sleep
WinExec
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetStringTypeW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetOEMCP
lstrcpynA
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc

user32

wsprintfA
ShowWindow
UpdateWindow
DispatchMessageA
TranslateMessage
GetMessageA
LoadIconA
GetDesktopWindow
CreateDialogParamA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA

wsock32

sendto
socket
WSAStartup
ioctlsocket
htons
connect
recvfrom

ole32

CoInitialize
CoCreateInstance

shell32

Shell_NotifyIconA

comctl32

InitCommonControlsEx

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc877af1f2f4c887682590e3f95bfc0d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

ole32

shell32

comctl32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 240B

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 240B