7f17dd96643b5f2c1d6d26bfaf600be2

Sharing

Copy URL Twitter E-mail

General

Target

7f17dd96643b5f2c1d6d26bfaf600be2
Size

808KB
MD5

7f17dd96643b5f2c1d6d26bfaf600be2
SHA1

40f7415a4974e19b99da68ec634a7534700b18ec
SHA256

ba9e79f9f1658842725214a36a96e70bfd97b3d37421c70165ca720aa0c6c85c
SHA512

4cb35b3201db9128927439a0816c1579392277a62c8497440dc0e8612e29b835d214040266834839786885774e5523fcb990a6bcc90455264bfa9f864430207f
SSDEEP

12288:xPNP80vVOckGY/bqQoDf1GQvJSnehGnzc2MHx:pNjOr+JBGQYNno2yx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f17dd96643b5f2c1d6d26bfaf600be2

Files

7f17dd96643b5f2c1d6d26bfaf600be2
.exe windows:4 windows x86 arch:x86

4156d9c312355e8f7fc8be4dc555dd4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\CTF\GYJEO\AOBYONSE.PDB

Imports

kernel32

HeapFree
RaiseException
GetTimeZoneInformation
TlsSetValue
LoadLibraryW
RtlUnwind
GetModuleFileNameW
GetFileType
GetTickCount
GetSystemTimeAsFileTime
CreateFileA
InterlockedExchange
MultiByteToWideChar
VirtualFree
DeleteCriticalSection
GetStartupInfoA
IsValidCodePage
GetCurrentThreadId
WriteConsoleW
GetACP
UnhandledExceptionFilter
CreateMutexW
SetHandleCount
SetStdHandle
Sleep
GetCurrentProcess
GetCurrentProcessId
CompareStringA
VirtualAlloc
FlushFileBuffers
InitializeCriticalSection
GetProcAddress
IsDebuggerPresent
GetConsoleMode
SetFilePointer
TlsGetValue
GetVersionExA
LCMapStringW
EnterCriticalSection
TlsAlloc
SetUnhandledExceptionFilter
GetLastError
InterlockedDecrement
LoadLibraryA
GetCommandLineA
GetLocaleInfoA
HeapCreate
GetStdHandle
GetConsoleCP
CompareStringW
GetDateFormatA
GetModuleHandleA
TerminateProcess
FreeEnvironmentStringsW
GetCommandLineW
HeapReAlloc
GetCPInfo
SetLastError
LeaveCriticalSection
WideCharToMultiByte
GetModuleHandleW
GetEnvironmentStrings
ReadFile
GetModuleFileNameA
InterlockedIncrement
FreeEnvironmentStringsA
WriteFile
CloseHandle
GetStartupInfoW
HeapAlloc
WriteConsoleA
TlsFree
QueryPerformanceCounter
GetConsoleOutputCP
GetEnvironmentStringsW
HeapDestroy
VirtualQuery
SetEnvironmentVariableA
ExitProcess
GetProcessHeap
HeapSize
GetStringTypeA
GetTimeFormatA
GetOEMCP
LCMapStringA
GetStringTypeW

winmm

mmioAscend
waveOutOpen
mixerSetControlDetails
timeGetTime
waveOutPrepareHeader
waveOutReset
mixerGetDevCapsA
waveOutPause
waveOutUnprepareHeader
mciSendCommandA
mixerClose
waveOutClose
PlaySoundA
mixerOpen
waveOutWrite

gdi32

LineTo
CreateDCA
GetTextMetricsA
StrokePath
GetRegionData
Polygon
CloseEnhMetaFile
GetMapMode
GetWindowOrgEx
CreateCompatibleDC
SetPixel
ExtCreatePen
StartDocA
CreateBrushIndirect
SaveDC
SetPixelV
SelectPalette
GetPaletteEntries
GetCurrentObject
SetMapMode
SetStretchBltMode
Polyline
CreatePen
SetTextColor
CreateEllipticRgnIndirect
FillPath
MoveToEx
Escape
Pie
PtInRegion
ExtCreateRegion
ScaleViewportExtEx
ExcludeClipRect
DeleteObject
DeleteDC
Ellipse
CreateEnhMetaFileA
OffsetViewportOrgEx
CreatePatternBrush
EndPage
GetTextColor
CombineRgn
StartPage
TextOutA
SelectObject
GetDeviceCaps
RestoreDC
BeginPath
RectInRegion
SetBkColor
GetROP2
Rectangle
CopyMetaFileA
OffsetRgn
SetRectRgn
CreateDIBitmap
GetClipBox
GetBkColor
CreateFontIndirectA
SetROP2
GetCurrentPositionEx
CreateRoundRectRgn
ResetDCA
SetPolyFillMode
FrameRgn
GetClipRgn
SetWindowOrgEx
GetTextExtentPoint32A
Arc
StretchDIBits
BitBlt
RealizePalette
CreateBitmap
CreateRectRgn
GetTextFaceA
PlayEnhMetaFile
SetAbortProc
GetNearestPaletteIndex
GetDCOrgEx
GetCharWidthA
GetDIBits
EndDoc
EndPath
CreateSolidBrush
GetRgnBox
ScaleWindowExtEx

advapi32

OpenSCManagerA
RegDeleteKeyA
OpenProcessToken
RegEnumKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
CloseServiceHandle
RegOpenKeyA
InitializeSecurityDescriptor
RegOpenKeyExA
RegSetValueExA

comctl32

ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_DragEnter
ord17
_TrackMouseEvent
ImageList_Destroy
CreatePropertySheetPageA
ImageList_Draw
ImageList_Add
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_Create

user32

IsWindowEnabled
MapWindowPoints
GetWindowRect
SetClipboardData
EnableWindow
RegisterClassExW
DeleteMenu
LoadIconW
IsChild
DrawStateW
TranslateMessage
DefWindowProcW
LoadImageW
GetDC
GetSystemMetrics
CreatePopupMenu
IsClipboardFormatAvailable
DestroyIcon
DispatchMessageW
GetDCEx
LoadCursorW
LoadBitmapW
EnableMenuItem
GetWindowThreadProcessId
GetWindow
GetDlgItem
GetSystemMenu
RegisterClipboardFormatW
DrawFocusRect
DrawIcon
ReleaseCapture
ScrollWindowEx
RegisterClassW

oleaut32

LoadTypeLi

shell32

SHGetDesktopFolder
ord155
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFileInfoA

comdlg32

PageSetupDlgA
CommDlgExtendedError

ole32

OleRun
CreateILockBytesOnHGlobal
CoTaskMemFree
OleGetClipboard
CoTaskMemAlloc
CoRevokeClassObject
StgOpenStorage
StgCreateDocfileOnILockBytes

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4156d9c312355e8f7fc8be4dc555dd4a

Headers

File Characteristics

PDB Paths

Imports

kernel32

winmm

gdi32

advapi32

comctl32

user32

oleaut32

shell32

comdlg32

ole32

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 480KB - Virtual size: 479KB

.data Size: 104KB - Virtual size: 128KB

.rsrc Size: 104KB - Virtual size: 102KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 480KB - Virtual size: 479KB

.data
Size: 104KB - Virtual size: 128KB

.rsrc
Size: 104KB - Virtual size: 102KB