517c2c9eb18d81b251e3b79b4da48b6e

Sharing

Copy URL Twitter E-mail

General

Target

517c2c9eb18d81b251e3b79b4da48b6e
Size

587KB
MD5

517c2c9eb18d81b251e3b79b4da48b6e
SHA1

a802cbaface22633ea09361e1cafd3a7848444e9
SHA256

409112e3c891fca0c68733ec73b4c20f78f2aba0cc669a7b5472eab43fc80f01
SHA512

96b0de663ff96c95e7426e1df856433d1de41dc28c80704f2c798f905f0770b056b879febb208f34448b433cf8d9447ab8cdb7c14804f2a616f5e69989983ec6
SSDEEP

12288:qtHud2X8Cohsw5eDMepSNxLSoEAQwgj7snGdlEQZ:gI2MCohswYwepbH7lEQZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
517c2c9eb18d81b251e3b79b4da48b6e

Files

517c2c9eb18d81b251e3b79b4da48b6e
.exe windows:4 windows x86 arch:x86

f4569a85d5265dc909e65af01c9a3827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CheckEscapesW
SHGetSpecialFolderPathA
SHGetMalloc

comctl32

ImageList_GetImageInfo
_TrackMouseEvent
ImageList_AddIcon
ImageList_SetBkColor
ImageList_Destroy
ImageList_GetIcon
DrawStatusTextA
InitCommonControlsEx
ImageList_GetImageCount
ImageList_EndDrag
ImageList_Write
ImageList_SetImageCount
ImageList_AddMasked
ImageList_GetBkColor
CreateStatusWindow
ImageList_Draw
ImageList_SetIconSize
CreateToolbarEx

user32

ChangeDisplaySettingsW
GetMenuItemID
CloseWindowStation
DdeConnect
GetCaretBlinkTime
CreateWindowExW
DdeNameService
IsZoomed
GetPropW
CreateIcon
RegisterDeviceNotificationA
SetDlgItemTextW
RegisterClassW
GetScrollInfo
MapVirtualKeyW
ModifyMenuA
MessageBoxA
GetParent
CopyImage
SetMenuItemBitmaps
DefWindowProcA
RegisterClassA
ShowWindow
CloseClipboard
RegisterClassExA
SetProcessDefaultLayout
CreateDialogParamA
DestroyWindow

wininet

InternetQueryOptionA
FtpRenameFileA
InternetConfirmZoneCrossingA
InternetQueryDataAvailable

kernel32

VirtualQuery
VirtualFree
CloseHandle
GetModuleHandleA
CreateRemoteThread
GetStringTypeA
IsBadWritePtr
GetCurrentProcess
ExitProcess
RtlUnwind
MultiByteToWideChar
TransmitCommChar
HeapCreate
CompareStringW
MapViewOfFile
GetCurrentThread
QueryPerformanceCounter
TlsSetValue
SetHandleCount
TerminateProcess
GetCommandLineA
GetStartupInfoA
GetCurrentThreadId
TlsAlloc
DeleteCriticalSection
GetProcAddress
CompareStringA
RtlMoveMemory
GetTickCount
GetStdHandle
LCMapStringW
GetCPInfo
GetModuleFileNameA
LCMapStringA
EnterCriticalSection
GetOEMCP
EnumTimeFormatsA
GetProcessShutdownParameters
InterlockedIncrement
HeapFree
MoveFileW
FlushFileBuffers
CreateThread
GetEnvironmentStringsW
InterlockedExchange
lstrlenA
GetLastError
WaitForDebugEvent
WideCharToMultiByte
LoadLibraryExW
InterlockedDecrement
HeapReAlloc
FreeEnvironmentStringsA
Sleep
GetVolumeInformationA
IsValidLocale
GetVersion
GetStringTypeW
WriteFile
SetEnvironmentVariableA
GetConsoleTitleA
TerminateThread
GlobalUnlock
GetSystemTimeAsFileTime
GetProfileIntW
GetSystemTime
InterlockedExchangeAdd
GetPrivateProfileSectionNamesW
GetFileType
FreeEnvironmentStringsW
HeapDestroy
EnumCalendarInfoExA
GetACP
InitializeCriticalSection
WaitForSingleObject
GetProcAddress
OpenMutexW
UnhandledExceptionFilter
HeapAlloc
GetLocalTime
OpenMutexA
CreateMutexA
LeaveCriticalSection
GlobalFix
SetConsoleTextAttribute
LoadLibraryA
GetTimeZoneInformation
ReadFile
LoadLibraryExA
lstrcmp
AddAtomW
AddAtomA
TlsGetValue
SetLastError
GetEnvironmentStrings
CreateNamedPipeW
SetFilePointer
GetThreadSelectorEntry
GlobalHandle
GetCurrentProcessId
GetNumberFormatW
SetStdHandle
TlsFree
VirtualAlloc

advapi32

RegLoadKeyW
RegCreateKeyW
CryptSetKeyParam
StartServiceW
LookupPrivilegeValueA
LookupPrivilegeDisplayNameA
RegConnectRegistryW
InitializeSecurityDescriptor
LookupAccountSidW
CryptGetHashParam
RegFlushKey
RegNotifyChangeKeyValue
CryptVerifySignatureW
RegEnumValueW
CryptHashSessionKey
CryptHashData
CryptEnumProvidersW
RegSetValueExA
CryptDecrypt
CryptSignHashA
CryptGenRandom
RegEnumKeyExA
RegEnumKeyA

comdlg32

ChooseFontA
GetFileTitleA
GetOpenFileNameW

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4569a85d5265dc909e65af01c9a3827

Headers

File Characteristics

Imports

shell32

comctl32

user32

wininet

kernel32

advapi32

comdlg32

Sections

.text Size: 208KB - Virtual size: 208KB

.rdata Size: 257KB - Virtual size: 256KB

.data Size: 107KB - Virtual size: 127KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 208KB - Virtual size: 208KB

.rdata
Size: 257KB - Virtual size: 256KB

.data
Size: 107KB - Virtual size: 127KB

.rsrc
Size: 13KB - Virtual size: 12KB