417ff0df77a03210477cddbd0a80c940

Sharing

Copy URL Twitter E-mail

General

Target

417ff0df77a03210477cddbd0a80c940
Size

580KB
MD5

417ff0df77a03210477cddbd0a80c940
SHA1

36bfb3e17afb801543ed6accdfc00904586e2091
SHA256

aefa2943993053ff6daa14fcfea14919be81f5958e406ead601c2be28e6595c8
SHA512

a83667d487698c9bac14c212e81bc48d6763758b69d942fdd05c1db1d8926f9e69d2bc683b12f1753063df5a35fa7ba403800e8fb6a7053b03d5ecc8280b57fa
SSDEEP

12288:Q6MbbTDstiOp9sWhAS1Z3uG+hmKeGRIrCtkOXG:UbQPB3ZgMfO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417ff0df77a03210477cddbd0a80c940

Files

417ff0df77a03210477cddbd0a80c940
.exe windows:4 windows x86 arch:x86

d4f4b17df3f4ecce3a8eff9b879c33e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
GetDeviceCaps
SetDIBits
AddFontResourceW
DescribePixelFormat
CreateDCW
GetObjectW
GetTextExtentExPointA
CombineRgn
CreateColorSpaceA
RoundRect
EnableEUDC
SetBkMode
LineDDA
GetPolyFillMode
GetFontData
GetEnhMetaFilePaletteEntries
SetViewportOrgEx
GetLogColorSpaceA
FrameRgn

comctl32

ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_Create
ImageList_SetDragCursorImage
ImageList_SetImageCount
CreateStatusWindowW
ImageList_LoadImage
InitMUILanguage
ImageList_Duplicate
ImageList_Replace
CreateMappedBitmap
InitCommonControlsEx
ImageList_DragEnter

advapi32

LookupAccountNameW
GetUserNameW
CryptDecrypt
RegEnumValueW
RegQueryInfoKeyW
CryptDestroyHash
CryptReleaseContext
CryptEnumProviderTypesA
LookupPrivilegeNameW
RegSetValueW
RegCreateKeyExW

wininet

InternetCombineUrlW

kernel32

EnumSystemLocalesA
GetWindowsDirectoryA
GetModuleHandleA
SetEnvironmentVariableA
IsDebuggerPresent
WriteConsoleA
HeapDestroy
GetProcessHeap
GetStartupInfoW
SetHandleCount
GetCurrentProcess
HeapReAlloc
GetCommandLineA
CompareStringW
GetTickCount
TlsSetValue
IsValidCodePage
VirtualQuery
WriteConsoleOutputA
SetStdHandle
RtlFillMemory
WriteFileEx
GetStringTypeA
WideCharToMultiByte
SetUnhandledExceptionFilter
WaitForDebugEvent
GetOEMCP
TlsAlloc
RaiseException
EnterCriticalSection
FlushViewOfFile
UnhandledExceptionFilter
LocalCompact
GetCurrentThread
CreateMutexA
WriteConsoleW
FlushFileBuffers
GetConsoleOutputCP
CloseHandle
DeleteCriticalSection
LoadLibraryW
MultiByteToWideChar
GetLocaleInfoA
FindFirstFileExW
InterlockedDecrement
ExpandEnvironmentStringsA
GlobalFix
HeapCreate
IsValidLocale
LocalUnlock
SetFileAttributesW
GetProfileIntW
HeapFree
DebugBreak
InitializeCriticalSection
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedIncrement
WriteProfileSectionW
FindResourceW
ReadFile
GetEnvironmentStringsW
IsBadReadPtr
CreateFileA
GetModuleFileNameA
OpenSemaphoreW
GetLocaleInfoW
GetCurrentThreadId
GetEnvironmentStrings
lstrlenA
RtlUnwind
FreeEnvironmentStringsA
HeapSize
LeaveCriticalSection
GetLastError
LocalFree
SetTimeZoneInformation
GetCPInfo
HeapLock
OutputDebugStringA
GetCurrentProcessId
FreeEnvironmentStringsW
GetCommandLineW
GetFileType
SetLastError
TlsGetValue
SetFilePointer
HeapAlloc
UnlockFile
GetConsoleMode
GetModuleFileNameW
LocalFileTimeToFileTime
FreeLibrary
CreateEventW
ExitProcess
GetVersionExA
WriteFile
GetStdHandle
QueryPerformanceCounter
TerminateProcess
GetACP
VirtualAlloc
GetTimeFormatA
InterlockedExchange
CompareStringA
FindResourceExA
OutputDebugStringW
GetUserDefaultLCID
EnumSystemLocalesW
EnumCalendarInfoW
LCMapStringW
VirtualFree
WritePrivateProfileStringW
SetConsoleCursorPosition
GetDateFormatA
LCMapStringA
GetConsoleCP
OpenMutexA
SetConsoleCtrlHandler
TlsFree
LoadLibraryA
GetStringTypeW
CreatePipe
GetProcAddress
LocalSize
GetTimeZoneInformation
GlobalAddAtomW
HeapValidate

user32

SetParent
WaitMessage
CreateDialogIndirectParamW
EnumDisplaySettingsExA
GetAsyncKeyState
DispatchMessageW
CascadeChildWindows
SetMenuContextHelpId
TranslateAcceleratorW
GetClassInfoExW
DefWindowProcA
NotifyWinEvent
SetDoubleClickTime
CloseClipboard
VkKeyScanW
GetDCEx
DrawFrame
SetDebugErrorLevel
GetNextDlgTabItem
CharLowerA
SetMenuItemBitmaps
GetMonitorInfoA
GetWindowTextW
EnumChildWindows
SwitchDesktop
VkKeyScanA
CreateWindowExW
ShowCaret
GetWindowInfo
GetKeyboardLayoutNameA
GetOpenClipboardWindow
ShowWindow
GetUserObjectInformationA
WindowFromDC
GetForegroundWindow
DrawMenuBar
HideCaret
SetPropW
IsZoomed
WINNLSEnableIME
CheckMenuItem
DlgDirListW
DdeQueryStringA
ImpersonateDdeClientWindow
RegisterClassExA
ShowOwnedPopups
PostMessageA
OemToCharBuffW
RegisterClassA
GetIconInfo
EnumDisplayMonitors
GetDesktopWindow
SetMessageQueue
CharUpperBuffA
EnumDisplaySettingsW
InSendMessage
DestroyWindow
SetDlgItemTextA
CharToOemBuffW
InsertMenuItemA
DlgDirSelectComboBoxExW
DlgDirListComboBoxA
SetLastErrorEx
MessageBoxA
RegisterDeviceNotificationA
GetDoubleClickTime
SetCursorPos
SetMenuItemInfoW
SetPropA
SetFocus
LoadStringA

shell32

SHBrowseForFolderA
ExtractIconExA
SHFreeNameMappings
SHUpdateRecycleBinIcon

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4f4b17df3f4ecce3a8eff9b879c33e4

Headers

File Characteristics

Imports

gdi32

comctl32

advapi32

wininet

kernel32

user32

shell32

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 176KB - Virtual size: 172KB

.data Size: 100KB - Virtual size: 104KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 176KB - Virtual size: 172KB

.data
Size: 100KB - Virtual size: 104KB

.rsrc
Size: 16KB - Virtual size: 12KB