17fadc6f43390efdd63cf0c2fb3efbe0

Sharing

Copy URL

Twitter E-mail

General

Target

17fadc6f43390efdd63cf0c2fb3efbe0
Size

380KB
MD5

17fadc6f43390efdd63cf0c2fb3efbe0
SHA1

1c2f219deb6f001943e53fa2116b529ecb55ef82
SHA256

c48807632a9e9328396b4c9f6c555f10da1a89e095fcac870a614f84fa943ca0
SHA512

b129c5090efdc4ab0b55c816f91458ecdf332ccca76bd268e3161f643d7ca00397a7eb245ae92666ade006785d7aa1c3f120c916b2b2cae44741c0ed50e57c48
SSDEEP

6144:ojb6W4x0E5p2V8KYi3o3q0j/Az9aT5vIwRYVlMPA6PMi8e8sWh6eRY+8STNx5yH:8sqE542KYi43q07AzQ5BRYXDtfezu5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17fadc6f43390efdd63cf0c2fb3efbe0

Files

17fadc6f43390efdd63cf0c2fb3efbe0
.exe windows:4 windows x86 arch:x86

0745d423bde99286799b559fd3187895

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
GetDlgCtrlID
CharNextW
DdeDisconnectList
SendIMEMessageExA
GetCaretBlinkTime
GetNextDlgGroupItem
RegisterDeviceNotificationW
IsDialogMessageW
ToAsciiEx
IntersectRect
SendMessageTimeoutA
RegisterClassA
MapVirtualKeyA
SetUserObjectInformationA
GetSystemMenu
DestroyCaret
GetCursorInfo
LoadBitmapW
MessageBoxW
DefWindowProcA
LoadImageW
BroadcastSystemMessageW
ShowWindow
DdeAddData
InvalidateRect
LockWindowUpdate
CreateWindowExA
CharPrevW
LoadCursorFromFileA
GetClassInfoExA
RegisterClassExA
DdeQueryConvInfo
SetScrollPos
SetWindowContextHelpId
wvsprintfA
AttachThreadInput
GetWindowDC
ScrollDC
EnableWindow
DdeFreeStringHandle
DeleteMenu
GetKeyboardType
GetWindowLongW
LoadImageA
DestroyWindow
CharLowerBuffW
GetWindowRgn
OpenClipboard
RegisterClassW
DdeUnaccessData
GetKBCodePage
EndDialog
FlashWindowEx
LoadCursorA
CharLowerW
DdePostAdvise
PostThreadMessageW
RegisterWindowMessageA
DdeReconnect
SetKeyboardState

advapi32

LookupAccountNameA
LookupPrivilegeValueW
CryptEnumProvidersA
CryptSignHashW
LogonUserA
StartServiceW
RegReplaceKeyA
CryptSetProviderW
ReportEventW
CryptEncrypt
RegQueryMultipleValuesW
RegOpenKeyA
RegSaveKeyA
RegQueryValueW
RegCreateKeyExW
InitiateSystemShutdownA
LookupSecurityDescriptorPartsA
CryptImportKey
RegOpenKeyExW
CryptGetKeyParam
AbortSystemShutdownW
CryptEnumProviderTypesA
CryptSetProviderA
LookupAccountSidA

comctl32

ImageList_SetIconSize
ImageList_DrawIndirect
DrawStatusTextW
ImageList_LoadImageA
CreateUpDownControl
ImageList_Duplicate
ImageList_DrawEx
ImageList_GetFlags
ImageList_DragLeave
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_Replace
InitCommonControlsEx
DrawStatusText
ImageList_Draw
GetEffectiveClientRect
ImageList_AddMasked
ImageList_SetDragCursorImage
ImageList_SetImageCount
CreatePropertySheetPage
ImageList_EndDrag

kernel32

WriteConsoleOutputW
InitializeCriticalSection
GetModuleFileNameA
CreateDirectoryW
GetModuleHandleA
GetCurrentProcess
VirtualAlloc
MapViewOfFile
ReadFile
SetEnvironmentVariableA
GetCurrentThreadId
FillConsoleOutputAttribute
SetHandleCount
DebugBreak
GetConsoleOutputCP
GetTickCount
SetConsoleTextAttribute
EnumSystemCodePagesW
HeapDestroy
GetTimeZoneInformation
CreateMutexA
LoadLibraryA
CloseHandle
GetDiskFreeSpaceA
HeapFree
LocalAlloc
HeapCreate
GetVersionExW
HeapAlloc
VirtualQuery
GetCPInfo
GetLastError
EnumResourceNamesA
LockFileEx
WriteProfileSectionA
VirtualFree
CreateSemaphoreA
GetSystemTime
GetLocalTime
WriteConsoleOutputAttribute
GetFileType
GetProcAddress
GetVersion
CreateDirectoryExW
SetFilePointer
CompareStringW
DeleteCriticalSection
SetConsoleMode
GetCommandLineW
ExitThread
EnterCriticalSection
GetCommandLineA
GetStdHandle
GetAtomNameW
FlushFileBuffers
WideCharToMultiByte
WriteConsoleInputW
TlsGetValue
TlsAlloc
GetStringTypeA
HeapReAlloc
GetTempFileNameA
OpenMutexA
GetEnvironmentStrings
SetLastError
VirtualLock
GetCurrentProcessId
FindFirstFileExW
GetPrivateProfileStringW
GetSystemTimeAsFileTime
ExitProcess
InterlockedIncrement
CreateNamedPipeA
lstrcmpiW
TlsFree
GetModuleFileNameW
SetStdHandle
GetStringTypeW
UnhandledExceptionFilter
MultiByteToWideChar
GetStartupInfoW
LCMapStringA
LCMapStringW
ReleaseSemaphore
lstrcat
QueryPerformanceCounter
FreeEnvironmentStringsW
GetCompressedFileSizeW
CompareStringA
FreeEnvironmentStringsA
GetCurrentThread
WriteFile
IsBadWritePtr
InterlockedExchange
TerminateProcess
TlsSetValue
GetSystemInfo
RtlUnwind
GetEnvironmentStringsW
LeaveCriticalSection
OpenWaitableTimerW
lstrlenW
InterlockedDecrement
GetStartupInfoA
GlobalFix

gdi32

PolyBezierTo
WidenPath
AddFontResourceA
DeleteColorSpace
GetTextCharsetInfo
CreateEllipticRgnIndirect
ExtSelectClipRgn
GetICMProfileW
GetRegionData
SetMetaFileBitsEx
GetColorAdjustment
SetPolyFillMode
ColorMatchToTarget
PlayMetaFile
SwapBuffers
UnrealizeObject

wininet

IsHostInProxyBypassList
SetUrlCacheConfigInfoA
DeleteUrlCacheEntry
FtpPutFileW
InternetAutodialHangup
DeleteUrlCacheContainerA

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0745d423bde99286799b559fd3187895

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

gdi32

wininet

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 96KB - Virtual size: 120KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 96KB - Virtual size: 120KB

.rsrc
Size: 76KB - Virtual size: 74KB