17e7ab5dd9a5241e92044af060380396

Sharing

Copy URL Twitter E-mail

General

Target

17e7ab5dd9a5241e92044af060380396
Size

137KB
MD5

17e7ab5dd9a5241e92044af060380396
SHA1

e92472fff96c24c853bce7f7ca21362856eb98e6
SHA256

a1e9dd03f991471ff6a260a55aa495cf646acb6f68b0d3fb2b532c35b22b6a5f
SHA512

29a3c9cfd89cc04d550e4b0127a9378359836f96a24e1b8025a4dc183bdc1485282ae700361eb913158d5bb39c97890223c6ae2cc2ef2eae4273643482301c48
SSDEEP

3072:pBKnxxKpmSBauM+C1fNJ9sx7E4RRTvFXsXdvYpXg8UgvTxPQihmm1:pwcMukQEARTt8tvYpXgeLxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17e7ab5dd9a5241e92044af060380396

Files

17e7ab5dd9a5241e92044af060380396
.exe windows:5 windows x86 arch:x86

a467ce2eeca6741feaab76c3c35d0607

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
ReplaceTextW
PrintDlgExW
CommDlgExtendedError

user32

SetCaretPos
CreateAcceleratorTableW
TranslateMessage
ChangeMenuW
GetMenuItemRect
OpenInputDesktop
DispatchMessageA
SetRectEmpty
GetWindowPlacement
IsIconic
CharNextExA
WaitForInputIdle
CallWindowProcW
MoveWindow
MessageBoxA
CopyRect
MonitorFromPoint
BeginPaint
SendMessageTimeoutW
RegisterHotKey
MapVirtualKeyW
LoadCursorA
GetKeyboardLayoutList
InflateRect
mouse_event
CheckMenuRadioItem
LoadIconW
CreateDialogParamA
UnionRect
FindWindowW
SendNotifyMessageW
CharPrevW
ExitWindowsEx
GetDC
ChildWindowFromPoint
LookupIconIdFromDirectory
CheckRadioButton
GetScrollRange
PostMessageW
LoadIconA
LoadMenuA
FillRect
EnableWindow
LoadBitmapA
GetMenuItemInfoW
GetDlgItemInt
RemoveMenu
SetMenuDefaultItem
AdjustWindowRect
IsWindowVisible
GetWindowTextA
PostMessageA
CharNextW
DestroyMenu
CopyImage
CheckDlgButton
CreateCaret
InternalGetWindowText
RegisterWindowMessageW
wsprintfW
LoadStringW
OffsetRect
InSendMessage
GetSubMenu
GetMenu
OemToCharBuffA
GetDlgItemTextW
EnumWindows
CharToOemW
CreateDialogParamW
ClientToScreen
SetRect
CreateIconIndirect
CreateWindowExA
GetWindowLongA
LoadCursorW
DialogBoxIndirectParamA
GetActiveWindow
ShowWindowAsync
GrayStringW
GetForegroundWindow
SendMessageTimeoutA
EqualRect
AllowSetForegroundWindow
LoadMenuW
DefDlgProcW
CopyAcceleratorTableW
SetFocus
GetWindowTextW
CharUpperBuffW
GetMessageA
ShowCaret
keybd_event
IsDialogMessageW
ShowCursor
SetForegroundWindow
DefWindowProcW
IsRectEmpty
BeginDeferWindowPos
TileWindows
IsCharAlphaA
GetClipCursor
GetDlgCtrlID
DestroyCursor
DestroyCaret
RegisterClassExA
EnableMenuItem
GetSystemMetrics
GetFocus
SetWindowTextA
OpenIcon
PeekMessageA
ChildWindowFromPointEx
LoadAcceleratorsA
MessageBoxExA
GetUserObjectInformationA
IsChild
CallWindowProcA
GetCaretPos
CascadeWindows
GetClassInfoW
CharUpperA
ValidateRect
GetTopWindow

msvcrt

puts
_controlfp
mktime
islower
toupper
setvbuf
__set_app_type
__p__fmode
free
__p__commode
wcspbrk
iswdigit
vsprintf
_amsg_exit
perror
iswprint
tolower
setlocale
strpbrk
_vsnwprintf
remove
strspn
_initterm
srand
clearerr
_ismbblead
fgetc
strtoul
gets
calloc
isalnum
localtime
qsort
_XcptFilter
wcscoll
exit
atoi
_exit
_cexit
__setusermatherr
system
isspace
towlower
iswalpha
__getmainargs
isalpha
wcstod
wcschr

kernel32

RegisterWaitForSingleObject
GetTickCount
CreateWaitableTimerA
SetPriorityClass
DefineDosDeviceW
UnlockFile
IsValidLocale
GetOEMCP
GetSystemDirectoryW
TryEnterCriticalSection
lstrcpynW
CompareStringW
OpenEventA
TerminateThread
GlobalDeleteAtom
IsBadWritePtr
SetLastError
TransactNamedPipe
IsValidLanguageGroup
LocalAlloc
GlobalUnlock
LoadLibraryA
CallNamedPipeW
GlobalFree
DuplicateHandle
SetThreadAffinityMask
GetModuleHandleA
GetComputerNameW
GetModuleFileNameA
WaitForMultipleObjects
FileTimeToLocalFileTime
GlobalSize
CreateNamedPipeA
HeapSize
CancelWaitableTimer
FileTimeToDosDateTime
SetSystemTime
QueryDosDeviceW
lstrlenW
AddAtomA
lstrcpyW
DeleteFileA
GetDateFormatW
LoadResource
GlobalGetAtomNameW
FindFirstFileW
GlobalGetAtomNameA
IsDBCSLeadByte
HeapUnlock
WriteFile
OpenFile
FindNextFileW
UnmapViewOfFile
EnterCriticalSection
WaitForSingleObject
GetAtomNameA
SetErrorMode
CloseHandle

shlwapi

UrlGetPartW

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exp
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edit
Size: 1KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixport
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sims
Size: 1024B - Virtual size: 591B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a467ce2eeca6741feaab76c3c35d0607

Headers

File Characteristics

Imports

comdlg32

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.exp Size: 512B - Virtual size: 121B

.edit Size: 1KB - Virtual size: 54KB

.data Size: 2KB - Virtual size: 2KB

.ixport Size: 6KB - Virtual size: 5KB

.sims Size: 1024B - Virtual size: 591B

.ndat Size: 512B - Virtual size: 192B

.rsrc Size: 101KB - Virtual size: 101KB

.text
Size: 23KB - Virtual size: 22KB

.exp
Size: 512B - Virtual size: 121B

.edit
Size: 1KB - Virtual size: 54KB

.data
Size: 2KB - Virtual size: 2KB

.ixport
Size: 6KB - Virtual size: 5KB

.sims
Size: 1024B - Virtual size: 591B

.ndat
Size: 512B - Virtual size: 192B

.rsrc
Size: 101KB - Virtual size: 101KB