17f474040dda307dc14b1b13af414a8e

Sharing

Copy URL

Twitter E-mail

General

Target

17f474040dda307dc14b1b13af414a8e
Size

320KB
MD5

17f474040dda307dc14b1b13af414a8e
SHA1

95bed0af8c9961aacb5c9c5c1b031c0ac8def0e4
SHA256

913a87c767efe370147136ee9b2b7446c14edf6408089b819b3393a223ef0d7d
SHA512

8021d4637c51ff1e2a355c24cbb36a8f76e745c0a2eed9979dd2bebf051b47cb6b0ff12efe4c67491a2024a135da0f99a5f25c44b62166fa498bd5c269ebebb9
SSDEEP

6144:5YLEkKDdm0Chl6iwb2RvTadLEsiqfZCM0wbB/s0GmPGsxzSE7H:5YIkKCBoLPxZC4/vGRO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17f474040dda307dc14b1b13af414a8e

Files

17f474040dda307dc14b1b13af414a8e
.exe windows:4 windows x86 arch:x86

298801c6317c28f9cdfad2f4286af526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
PrintDlgA

comctl32

InitMUILanguage
ImageList_LoadImageW
ImageList_SetFilter
ImageList_DragMove
ImageList_DragEnter
CreateMappedBitmap
ImageList_SetImageCount
CreatePropertySheetPageW
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_SetBkColor
ImageList_DrawEx
_TrackMouseEvent
ImageList_GetIcon
ImageList_Replace
InitCommonControlsEx
ImageList_Draw
ImageList_GetImageCount
CreateStatusWindowW

shell32

ExtractAssociatedIconA
SHGetFileInfo
SHGetSettings
SHEmptyRecycleBinA

gdi32

SelectObject
GetViewportOrgEx
RemoveFontResourceA
CreateScalableFontResourceA
GetBrushOrgEx
GetObjectW
GetDeviceCaps
DeleteDC
DeleteObject
CreateDCW
EnableEUDC
SetLayout

kernel32

FillConsoleOutputAttribute
GetVersion
LocalUnlock
LoadLibraryA
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualAlloc
FlushInstructionCache
GetProfileIntA
HeapReAlloc
GetVersionExA
CreateWaitableTimerW
GetCurrentProcessId
WriteConsoleW
LCMapStringA
CompareStringA
SetFileAttributesW
CreateProcessA
WriteConsoleA
TlsGetValue
DeleteAtom
InterlockedDecrement
CreateMutexA
GetTimeZoneInformation
HeapDestroy
RaiseException
GetCalendarInfoW
VirtualFree
HeapFree
GetFileType
SetLastError
FindFirstFileExW
FindNextFileA
AddAtomA
InterlockedExchange
GetModuleFileNameA
TlsFree
SetEnvironmentVariableA
MoveFileExW
FreeResource
CloseHandle
GetComputerNameW
GetCPInfo
SetThreadPriority
GetCommandLineW
CompareStringW
GetCurrentDirectoryA
GetLastError
InterlockedIncrement
SetThreadLocale
WritePrivateProfileSectionA
GetStartupInfoW
ExitProcess
GetCurrentThreadId
SetFilePointer
GetCommandLineA
SetConsoleActiveScreenBuffer
OpenWaitableTimerA
GetThreadSelectorEntry
TerminateProcess
GetStdHandle
ReadFileEx
CreateFileMappingW
VirtualQuery
LoadModule
GetCurrentProcess
ReadFile
GetThreadTimes
SetLocalTime
OpenMutexA
MoveFileA
SetComputerNameW
lstrcatA
FormatMessageA
EnumSystemLocalesA
GetEnvironmentStringsW
DeleteFiber
lstrcpyA
HeapCreate
lstrcmpW
FreeEnvironmentStringsA
QueryPerformanceCounter
GetSystemTime
InitializeCriticalSection
EnumDateFormatsExA
FlushFileBuffers
EnterCriticalSection
SetHandleCount
HeapAlloc
TlsSetValue
GetStartupInfoA
GetModuleFileNameW
GetVolumeInformationA
CompareFileTime
UnhandledExceptionFilter
WideCharToMultiByte
TlsAlloc
CopyFileA
SetStdHandle
GetCurrentThread
GetLocalTime
GetEnvironmentStrings
RtlUnwind
LCMapStringW
GetStringTypeW
MultiByteToWideChar
LeaveCriticalSection
IsBadWritePtr
GetCalendarInfoA
SetCurrentDirectoryA
GetTickCount
FreeEnvironmentStringsW
GetProcAddress
WriteFile
DeleteCriticalSection
GetStringTypeA
ReadConsoleOutputA

user32

GetCursorPos
MessageBoxA
DestroyWindow
LoadMenuA
GetCapture
InvalidateRgn
DdeCreateStringHandleA
GetMenuItemCount
EnumWindows
PostMessageA
VkKeyScanA
GetDlgItemInt
WINNLSGetEnableStatus
SendDlgItemMessageW
GetWindowTextW
OpenInputDesktop
CreateWindowExA
CharUpperA
RegisterClassExA
CheckMenuItem
PaintDesktop
ActivateKeyboardLayout
RegisterClassA
RegisterDeviceNotificationW
IsZoomed
ShowWindowAsync
InvalidateRect
DdeUnaccessData
ShowWindow
GetWindowTextA
GetUserObjectInformationA
GetKBCodePage
DefWindowProcW
UnregisterDeviceNotification

wininet

InternetUnlockRequestFile
InternetQueryOptionA
SetUrlCacheGroupAttributeW
ShowCertificate
InternetOpenUrlW
RunOnceUrlCache
InternetQueryOptionW
DeleteIE3Cache

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

298801c6317c28f9cdfad2f4286af526

Headers

File Characteristics

Imports

comdlg32

comctl32

shell32

gdi32

kernel32

user32

wininet

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 92KB - Virtual size: 114KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 92KB - Virtual size: 114KB

.rsrc
Size: 36KB - Virtual size: 35KB