17dcf87d2fcd74a972b254335961b88c

Sharing

Copy URL Twitter E-mail

General

Target

17dcf87d2fcd74a972b254335961b88c
Size

474KB
MD5

17dcf87d2fcd74a972b254335961b88c
SHA1

df642a83af4dec959e0cc19ccccbd82f448a7c6e
SHA256

ea3b73965bcfc3738c7e21da5cb9a9fddf73e4ba5dc8b35c0c5fd784d86add8d
SHA512

afef53eb0536ba7d72e68fc8e41ff14d5e790c64f9b064eb6cc47875650c73a99bad0d627076cc2ea3b4851cae90c0452e79a82697316a7507d8e5b86cf1f7dc
SSDEEP

12288:ldbSmqTKY8Kx3IPkuya5JltHac7LMHrRi6HG:la8k3IPkuya5J3HaBrY6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17dcf87d2fcd74a972b254335961b88c

Files

17dcf87d2fcd74a972b254335961b88c
.exe windows:5 windows x86 arch:x86

a521f4b013ff42669ba31f5dc2fec304

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
IsProcessorFeaturePresent
GetTickCount
GetCurrentDirectoryA
SetCurrentDirectoryA
GetACP
GetLocalTime
GetEnvironmentVariableA
SetCommBreak
CreateFileA
GetCommState
SetCommState
SetCommTimeouts
ClearCommBreak
CreatePipe
SetHandleInformation
GetCurrentThreadId
OpenProcess
LocalAlloc
LocalFree
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
GetSystemDirectoryA
WriteFile
CreateEventA
ReadFile
GetLastError
WaitForSingleObject
GetOverlappedResult
SetEvent
LoadLibraryA
FreeLibrary
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
CreateProcessA
CloseHandle
Beep
CreateThread
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
IsDBCSLeadByteEx
MultiByteToWideChar
GetLocaleInfoA
GetOEMCP
GetCPInfo
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
MulDiv
OutputDebugStringA

user32

FindWindowA
GetClipboardOwner
GetQueueStatus
GetDoubleClickTime
GetSystemMenu
CreateMenu
SetForegroundWindow
GetForegroundWindow
UpdateWindow
MsgWaitForMultipleObjects
PeekMessageA
IsWindow
HideCaret
ShowCaret
CreateCaret
DestroyCaret
TranslateMessage
EnableMenuItem
GetCursorPos
TrackPopupMenu
ScreenToClient
GetKeyboardLayout
SetKeyboardState
ToAsciiEx
SetScrollInfo
GetMessageTime
PostMessageA
CheckMenuItem
IsZoomed
FlashWindow
GetClipboardData
RegisterClipboardFormatA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
KillTimer
SetTimer
GetKeyboardState
SetClassLongA
SetCursor
ShowCursor
CreatePopupMenu
InsertMenuA
DeleteMenu
AppendMenuA
IsIconic
GetSystemMetrics
GetCapture
MessageBoxIndirectA
LoadIconA
GetDesktopWindow
MoveWindow
DefDlgProcA
LoadCursorA
CreateDialogParamA
GetMessageA
GetWindowLongA
IsDialogMessageA
DispatchMessageA
PostQuitMessage
EnableWindow
DialogBoxParamA
EndDialog
GetParent
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
RegisterWindowMessageA
DrawEdge
SetCapture
MessageBoxA
SetFocus
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetWindowLongA
MessageBeep
SendDlgItemMessageA
GetDC
ReleaseDC
SendMessageA
MapDialogRect
GetCaretBlinkTime
DestroyWindow
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowTextA
BeginPaint
GetClientRect
GetWindowTextLengthA
GetWindowTextA
EndPaint
DefWindowProcA
InvalidateRect
SetWindowPos
ReleaseCapture
WinHelpA

msvcrt

_strnicmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
time
remove
getenv
strspn
exit
toupper
ungetc
fread
abort
_stricmp
memchr
strcspn
fputc
qsort
strncat
strncpy
strncmp
fclose
fgetc
fopen
atoi
strchr
sprintf
memmove
atof
_pctype
_isctype
__mb_cur_max
fflush
strftime
tolower
fwrite
fprintf
_iob
strtoul
strtol
malloc
realloc
free
_vsnprintf
fgets
sscanf
strrchr
strtok

gdi32

CreatePalette
ExtTextOutA
GetCharacterPlacementW
SetBkMode
GetBkMode
ExtTextOutW
GetCharABCWidthsFloatA
GetPixel
SetTextAlign
CreateCompatibleBitmap
TranslateCharsetInfo
GetObjectA
LineTo
SelectPalette
CreatePen
SetPixel
Polyline
GetCharWidthW
GetCharWidth32W
GetCharWidthA
GetCharWidth32A
SetPaletteEntries
UnrealizeObject
UpdateColors
ExcludeClipRect
IntersectClipRect
CreateBitmap
RealizePalette
CreateFontA
GetTextMetricsA
GetDeviceCaps
SetMapMode
GetTextExtentExPointA
CreateFontIndirectA
SelectObject
GetStockObject
CreateSolidBrush
Rectangle
SetTextColor
SetBkColor
TextOutA
DeleteObject
CreateCompatibleDC
GetTextExtentPoint32A
MoveToEx
DeleteDC

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
GetUserNameA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegCloseKey

comctl32

ord13
ord14
ord15
ord17

comdlg32

ChooseFontA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

imm32

ImmGetCompositionStringW
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shell32

ShellExecuteA

winmm

PlaySoundA

winspool.drv

EnumPrintersA
ClosePrinter
EndDocPrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
WritePrinter
EndPagePrinter

ws2_32

closesocket
connect
htons
socket
gethostbyname
WSACleanup
WSAStartup
send

Sections

.text
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a521f4b013ff42669ba31f5dc2fec304

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

gdi32

advapi32

comctl32

comdlg32

imm32

ole32

shell32

winmm

winspool.drv

ws2_32

Sections

.text Size: 357KB - Virtual size: 356KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 1024B - Virtual size: 23KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 357KB - Virtual size: 356KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 1024B - Virtual size: 23KB

.rsrc
Size: 15KB - Virtual size: 15KB