17ee74aca0d8f746c9ab89212944da05

Sharing

Copy URL Twitter E-mail

General

Target

17ee74aca0d8f746c9ab89212944da05
Size

538KB
MD5

17ee74aca0d8f746c9ab89212944da05
SHA1

8081167186e8dfe3f793ed2a7fbc25756f1f78d2
SHA256

ddda1d46d81fc627072afdf8ddb9cc7a41b805d168ee852df3218f74e9fea188
SHA512

22dc1d565ae1463be503a72905af4f6a995657200e889bb2682cea1695d2e9a61c3334a1dc4845a51e2b4b544a407b19f7c9e2f25c50f860c6b418188bfd489e
SSDEEP

12288:mpxo66NpLem8o4xZlra0ENxinWIZF75nhc/+/KjKF09jgMc4XmptgTMYQeBAGPqV:mpxo66Ndem8txZlra0ENxinWIZF7Vhc+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17ee74aca0d8f746c9ab89212944da05

Files

17ee74aca0d8f746c9ab89212944da05
.exe windows:4 windows x86 arch:x86

0dadfe7001d52c4e3a6ba2bea9a6259f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnyPopup
OemToCharBuffW
CharToOemBuffA
SendNotifyMessageW
EndMenu
RegisterClassA
DrawIcon
GetClipboardData
RegisterHotKey
WINNLSGetEnableStatus
SendIMEMessageExW
CopyRect
GetMonitorInfoW
RegisterClassExA
GetWindowThreadProcessId

kernel32

HeapAlloc
CreateMutexA
VirtualAlloc
GetStartupInfoA
GetVersionExA
GetStringTypeExA
WriteConsoleA
SetStdHandle
TlsFree
ReadFile
GetConsoleCP
LeaveCriticalSection
FreeEnvironmentStringsA
WriteConsoleW
GetCurrentProcessId
GetSystemDirectoryW
OpenSemaphoreW
HeapDestroy
GetOEMCP
GetModuleFileNameA
GetACP
VirtualFree
WideCharToMultiByte
GetStringTypeW
LoadLibraryA
RtlUnwind
HeapSize
CompareStringW
GetLocaleInfoA
CreateNamedPipeA
GetFileAttributesW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FileTimeToSystemTime
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
HeapFree
LCMapStringW
CloseHandle
RemoveDirectoryW
GetCommandLineA
MultiByteToWideChar
GetLocaleInfoW
IsValidCodePage
GetUserDefaultLCID
SetHandleCount
GetLastError
SetEnvironmentVariableA
GetProcAddress
GetCurrentProcess
TlsGetValue
OpenMutexA
EnumSystemLocalesA
WritePrivateProfileStructA
WriteFile
WaitCommEvent
GetCurrentThread
InterlockedIncrement
SetConsoleCtrlHandler
FlushFileBuffers
GetCurrentThreadId
GetConsoleOutputCP
GetProcessHeap
GetTimeFormatA
FindResourceA
DeleteCriticalSection
GetFileType
SetLastError
TlsAlloc
DuplicateHandle
GetStringTypeA
GetEnvironmentStrings
LoadResource
GetSystemDirectoryA
GetEnvironmentStringsW
QueryPerformanceCounter
VirtualQuery
FreeLibrary
CompareStringA
GetTimeZoneInformation
SetFilePointer
InitializeCriticalSection
GetConsoleMode
TlsSetValue
PulseEvent
EnterCriticalSection
GetTickCount
GetStdHandle
Sleep
IsValidLocale
HeapReAlloc
ExitProcess
CreateFileA
IsDebuggerPresent
InterlockedExchange
GetDateFormatA
InterlockedDecrement
HeapCreate
GetModuleHandleA
LCMapStringA
TerminateProcess

comdlg32

FindTextA
GetFileTitleA

shell32

SHGetFileInfo
SHFileOperation
SheGetDirA
SHGetDesktopFolder
ShellExecuteExW

advapi32

CryptExportKey
RegSetValueExW
RegRestoreKeyA
StartServiceW
CryptDuplicateKey
RegCreateKeyExW
RegEnumKeyA
LogonUserA
RegDeleteKeyA
LookupAccountSidA
RegLoadKeyW
CryptContextAddRef
ReportEventW
GetUserNameA
RegConnectRegistryW
LogonUserW
RegCreateKeyW
CryptGenKey
CryptSetHashParam
CryptEnumProviderTypesA
CryptSetProvParam
RegDeleteKeyW
CryptGetHashParam
RegCreateKeyExA
RegEnumKeyExW

gdi32

CreateColorSpaceW
CloseEnhMetaFile
BeginPath
RectInRegion
FillPath
InvertRgn
GetDCOrgEx
SetICMMode
ResetDCA
GetEnhMetaFilePaletteEntries
GetPaletteEntries
Arc
CopyMetaFileW
PatBlt
EnumICMProfilesW
SetBoundsRect
GetCurrentPositionEx
SwapBuffers

comctl32

InitCommonControlsEx

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dadfe7001d52c4e3a6ba2bea9a6259f

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

shell32

advapi32

gdi32

comctl32

Sections

.text Size: 199KB - Virtual size: 199KB

.rdata Size: 11KB - Virtual size: 37KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 199KB - Virtual size: 199KB

.rdata
Size: 11KB - Virtual size: 37KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 9KB - Virtual size: 8KB