17d9d9e6463625d1165f1abb0d8ab037

Sharing

Copy URL

Twitter E-mail

General

Target

17d9d9e6463625d1165f1abb0d8ab037
Size

269KB
MD5

17d9d9e6463625d1165f1abb0d8ab037
SHA1

20f28e50e12a08dce0e402df62ceb41491cf92bc
SHA256

7e2ea818cd6244d1483326cd35a0584eae4e2416837223f23879138847233bcc
SHA512

d16a5d440e8bf88c37040a126321ad988c41a9b696337db01814ac59bf1b7af48cd5e4f57a743fbdc6f97d267ee01cd261f30eb1070b97127c97c5f0600c12bb
SSDEEP

6144:USptors9UK9wATlLv7EW/B0YPNTsB1oIdqaqcdWZaKx/Geu2ewL:USpKrs9LqADD/B0SNTsB1ouqCda/ppL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17d9d9e6463625d1165f1abb0d8ab037

Files

17d9d9e6463625d1165f1abb0d8ab037
.exe windows:4 windows x86 arch:x86

837d9e8d4fe64830c8a7204f7c1617ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
IsValidLocale
CompareStringA
DeleteCriticalSection
HeapCreate
GetACP
HeapAlloc
LoadLibraryA
GetDateFormatA
VirtualProtect
EnterCriticalSection
ReadConsoleOutputCharacterW
FreeEnvironmentStringsW
GetLocaleInfoA
InterlockedExchange
TlsSetValue
GetFileType
InitializeCriticalSection
IsBadWritePtr
EnumSystemLocalesA
GetStringTypeW
GetStdHandle
IsValidCodePage
GetStringTypeA
GetUserDefaultLangID
LeaveCriticalSection
GetUserDefaultLCID
HeapSize
GetProcAddress
GetCommandLineA
HeapDestroy
HeapFree
CompareStringW
GetStartupInfoA
DebugBreak
MultiByteToWideChar
VirtualQuery
VirtualFree
SetEnvironmentVariableA
WriteFile
GetLastError
SetHandleCount
GetCurrentThread
GetVersionExA
HeapReAlloc
UnhandledExceptionFilter
ExitProcess
GetCPInfo
FreeEnvironmentStringsA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
TlsFree
GetModuleHandleA
GetTimeFormatA
SetLastError
TlsAlloc
GetCurrentThreadId
RtlUnwind
LCMapStringA
GetOEMCP
GetTimeZoneInformation
GetCurrentProcessId
GetModuleFileNameA
TlsGetValue
GetLocaleInfoW
SetLocaleInfoW
GetTickCount
LCMapStringW
GetEnvironmentStrings
GetSystemInfo
GetSystemTimeAsFileTime
WideCharToMultiByte

gdi32

CloseFigure
CreateDCW
GetCurrentPositionEx
GetCharABCWidthsA
CreatePolygonRgn
SetColorAdjustment
IntersectClipRect
RestoreDC
PolyPolygon
SetDIBColorTable
CreatePalette

comdlg32

LoadAlterBitmap
GetOpenFileNameW
ChooseColorA
GetFileTitleA
GetSaveFileNameW
ChooseFontA
PageSetupDlgW
ReplaceTextA
PrintDlgW
ChooseFontW
GetSaveFileNameA
PrintDlgA
ReplaceTextW

shell32

SHEmptyRecycleBinW
FreeIconList
FindExecutableA
SHGetFileInfoW
CheckEscapesW
SHBrowseForFolder
SHGetSpecialFolderLocation
SheChangeDirA
SHEmptyRecycleBinA
SHGetFileInfo
DragQueryFileAorW
ShellAboutW
ExtractIconA
SHGetSpecialFolderPathW
DoEnvironmentSubstW
DragQueryFile
SHGetPathFromIDListA
SHFileOperationA
SheSetCurDrive
InternalExtractIconListW
RealShellExecuteExW
SHGetSpecialFolderPathA

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

837d9e8d4fe64830c8a7204f7c1617ea

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

shell32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 136KB - Virtual size: 157KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 136KB - Virtual size: 157KB

.rsrc
Size: 6KB - Virtual size: 6KB