217ef850877ef6b212c969fd899f7fb3

Sharing

Copy URL Twitter E-mail

General

Target

217ef850877ef6b212c969fd899f7fb3
Size

192KB
MD5

217ef850877ef6b212c969fd899f7fb3
SHA1

a564a6fe4f5a7f4f66a67e8898cc3dde86077cc4
SHA256

e0080811c31175543ec0545d26313393287685599a07ab3b4f369df5201cf92c
SHA512

1099897cc12e0adf6555c230ea47905cf165674531c455d6f1c6d0c9893b09a0bef4fe6364b45bc566157cac61e08332c5c03e74e939c865128979cd3483162f
SSDEEP

3072:alJlLGQntpJfWmI4EDoZY+MTyMhmYkrZgYvDFUX+HLxhZLaBAF9BrafCN:MTLLn/JfWmIxszMLgeYLFUX+HLLpaipt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
217ef850877ef6b212c969fd899f7fb3

Files

217ef850877ef6b212c969fd899f7fb3
.exe windows:4 windows x86 arch:x86

4df58b2060cc101639b8f7033cdfb19e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

GetRgnBox
GetClipBox
SelectObject
CreateBrushIndirect
GetDCOrgEx
CreateBitmap

shlwapi

PathIsDirectoryA
SHGetValueA

kernel32

DeleteFileA
GetThreadLocale
GetACP
CloseHandle
ResetEvent
VirtualAllocEx
WideCharToMultiByte
FindResourceA
GetModuleHandleA
FreeResource
GetCommandLineA
DeleteCriticalSection
lstrcatA
Sleep
GetProcessHeap
SizeofResource
GetCurrentThread
WaitForSingleObject
VirtualFree
GlobalDeleteAtom
FindFirstFileA
LocalFree
GetStringTypeW
SetFilePointer
lstrcpyA
SetThreadLocale
GetModuleFileNameA
GetCPInfo
LocalAlloc
GetCurrentProcessId
ExitProcess

version

GetFileVersionInfoSizeA

user32

SetActiveWindow
UnhookWindowsHookEx
IsChild
SetWindowTextA
GetMenuStringA
GetSystemMenu
InvalidateRect
EndPaint
SetWindowPos
SetWindowsHookExA
DefWindowProcA
SetWindowLongA
GetCursorPos
SetClipboardData
IsWindowEnabled
GetScrollPos
GetKeyboardState
GetMenuState
SetClassLongA
GetWindowLongA
IsWindow
IsDialogMessageW
WaitMessage
FrameRect
SetScrollPos
GetDC
DrawTextA
ShowScrollBar
GetMenuItemInfoA
FillRect
SetWindowLongW
GetSysColor
GetMessagePos
GetKeyboardLayout
GetClassLongA
DrawMenuBar
MoveWindow
IsRectEmpty
GetWindowTextA
IntersectRect
WindowFromPoint
PeekMessageA
ShowWindow
FindWindowA
CallWindowProcA
PtInRect
GetClipboardData
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
GetWindowDC
OemToCharA
GetWindowPlacement
DrawFrameControl
CreateIcon
GetMenu
CharUpperBuffA
EnableWindow
GetKeyboardLayoutList
GetLastActivePopup
CreateWindowExA
GetMenuItemID
CloseClipboard
GetKeyboardType
SetMenu
CharNextW
RemoveMenu
UpdateWindow
MessageBoxA
DestroyWindow
GetKeyNameTextA
DispatchMessageW
RegisterWindowMessageA
IsDialogMessageA
GetClientRect
TranslateMessage
GetScrollRange
DrawIcon
SetMenuItemInfoA
LoadBitmapA
AdjustWindowRectEx
GetForegroundWindow
CharLowerBuffA
DestroyMenu
RemovePropA
EnableScrollBar
GetSubMenu
GetKeyState
GetWindow
GetParent
GetScrollInfo
ChildWindowFromPoint
GetSysColorBrush
SystemParametersInfoA
GetClassNameA
UnregisterClassA
SendMessageA
ShowOwnedPopups
GetClassInfoA
TranslateMDISysAccel
SetCursor
GetWindowRect
SetScrollInfo
CharToOemA
ActivateKeyboardLayout
GetCapture
CharNextA
wsprintfA
CharLowerA
SetWindowPlacement
IsWindowVisible
CallNextHookEx
EnableMenuItem
GetCursor
DeleteMenu
CheckMenuItem
IsZoomed
GetActiveWindow
CreateMenu
InsertMenuA
SetFocus
GetPropA
IsCharUpperA
GetMenuItemCount
GetFocus
DrawEdge
OffsetRect
LoadIconA
BeginPaint
SetScrollRange
InsertMenuItemA
ReleaseCapture
SetParent
LoadCursorA
ReleaseDC
DefFrameProcA
GetWindowTextLengthA
DestroyCursor
CharUpperA
MsgWaitForMultipleObjects
DrawIconEx
SendMessageW
SetPropA
DefMDIChildProcA
DestroyIcon
GetDCEx
LoadKeyboardLayoutA
GetIconInfo
CreatePopupMenu
SetRect
PostQuitMessage
SetTimer
SetCapture

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
FindTextA
ChooseColorA

Exports

Exports

oUoDcor@16
_WfyIe
DTP3ECJJX
_RXVts@16

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 339B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4df58b2060cc101639b8f7033cdfb19e

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

version

user32

comdlg32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 154KB - Virtual size: 153KB

.bss Size: 2KB - Virtual size: 109KB

.tls Size: 512B - Virtual size: 339B

.rdata Size: 512B - Virtual size: 24B

.idata Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 136B

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 154KB - Virtual size: 153KB

.bss
Size: 2KB - Virtual size: 109KB

.tls
Size: 512B - Virtual size: 339B

.rdata
Size: 512B - Virtual size: 24B

.idata
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 136B

.rsrc
Size: 20KB - Virtual size: 20KB