Static task: static1
Behavioral task: behavioral1
Sample: c06941e1b1f05b60cbeb665f080b3cf7b8a60873e27cf8a3296a0992d5ee0de1.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: c06941e1b1f05b60cbeb665f080b3cf7b8a60873e27cf8a3296a0992d5ee0de1.exe
Resource: win10v2004-20220812-en
General
Target: c06941e1b1f05b60cbeb665f080b3cf7b8a60873e27cf8a3296a0992d5ee0de1
Size: 1.4MB
MD5: 40b3ba78d37195023678fcad9a0083b0
SHA1: 4ef7a49656788e8960b3beab680f86a03c5f1ece
SHA256: c06941e1b1f05b60cbeb665f080b3cf7b8a60873e27cf8a3296a0992d5ee0de1
SHA512: 755603278c894142283a64a3d22333736278a446c553f03d7faf28ecf7463dffc5f449d81b832db7f9e11ef7498f1df68a46367777b54a92165a69d9177cb787
SSDEEP: 24576:xqQau5KFOGHuatmI9YOZOecV0+qMbO+9IqD1YzeBHGd:ZaFcMceVwIu1Twd
Malware Config
Signatures
Files
-
c06941e1b1f05b60cbeb665f080b3cf7b8a60873e27cf8a3296a0992d5ee0de1.exe windows x86
34f08aa57fb646c033ea4068b297137e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
pcat
PCAT_addPDF
PCAT_open
PCAT_close
pafcv2
ord3
ord6
ord7
ord4
ord5
ord12
ord2
paftopdf
ord1
libtiff
ord35
ord42
ord9
ord10
ord5
ord32
ord54
ord29
ord11
ord33
ord36
ord2
imm32
ImmReleaseContext
ImmGetContext
ImmAssociateContext
ImmSetOpenStatus
ImmGetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
kernel32
LocalReAlloc
TlsGetValue
TlsSetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
WritePrivateProfileStringA
SetErrorMode
GetDiskFreeSpaceA
RtlUnwind
RaiseException
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
SetStdHandle
LeaveCriticalSection
lstrcpynA
GetFullPathNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
TlsFree
EnterCriticalSection
EnumSystemLocalesA
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
lstrcmpA
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
CreateProcessA
MultiByteToWideChar
InterlockedDecrement
OutputDebugStringA
CreateFileA
ReadFile
CloseHandle
DeleteFileA
GetCurrentDirectoryA
GetLastError
GlobalFlags
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDriveTypeA
CopyFileA
FindFirstFileA
FindClose
GetModuleFileNameA
GetTickCount
LocalAlloc
GlobalHandle
TlsAlloc
IsValidLocale
SizeofResource
IsValidCodePage
LCMapStringW
GetVolumeInformationA
InterlockedExchange
GetProfileStringA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
FormatMessageA
LocalFree
WideCharToMultiByte
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WriteFile
SetFilePointer
MoveFileA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
MulDiv
GetLocaleInfoA
InitializeCriticalSection
GetCurrentThreadId
GetModuleHandleA
SetCurrentDirectoryA
CreateMutexA
GetSystemDefaultLCID
LCMapStringA
IsDBCSLeadByte
lstrcpyA
lstrcatA
lstrcmpiA
GlobalReAlloc
LoadLibraryA
GetProcAddress
GetTempFileNameA
lstrlenA
GetVersionExA
FindNextFileA
FreeLibrary
ReleaseMutex
DeleteCriticalSection
HeapDestroy
GetUserDefaultLCID
GetTempPathA
CreateDirectoryA
LockResource
LoadResource
FindResourceA
GetFileSize
UnhandledExceptionFilter
SetFileAttributesA
Sleep
user32
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
MessageBeep
TranslateAcceleratorA
LoadAcceleratorsA
DestroyMenu
wvsprintfA
GetMessageA
ValidateRect
WindowFromPoint
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
CharUpperA
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetClassNameA
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
CopyAcceleratorTableA
GetNextDlgGroupItem
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
SetWindowContextHelpId
RegisterClipboardFormatA
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
SetWindowRgn
GetFocus
ClientToScreen
EqualRect
IsRectEmpty
DrawTextA
MessageBoxA
PostQuitMessage
FindWindowA
DispatchMessageA
TranslateMessage
SetForegroundWindow
LoadStringA
IsWindowVisible
PostThreadMessageA
IntersectRect
SetRect
SetCapture
IsWindow
WaitForInputIdle
SetActiveWindow
ScreenToClient
LoadMenuA
GetSubMenu
DeleteMenu
GetCursorPos
KillTimer
wsprintfA
PeekMessageA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SetFocus
CharNextA
RemoveMenu
GetMenuStringA
InsertMenuA
GetSysColorBrush
GetDialogBaseUnits
TrackPopupMenu
GetMenuItemID
MapDialogRect
SetTimer
GetSystemMenu
AppendMenuA
LoadCursorA
GetSystemMetrics
LoadIconA
PtInRect
SystemParametersInfoA
GetDesktopWindow
UpdateWindow
GetDC
ReleaseDC
SetRectEmpty
SetCursor
GetWindowLongA
FrameRect
InflateRect
FillRect
DrawFocusRect
ReleaseCapture
GetParent
GetWindowRect
GetSysColor
CopyRect
GetClientRect
OffsetRect
DrawStateA
InvalidateRect
GetIconInfo
RedrawWindow
LoadImageA
DestroyIcon
DestroyCursor
GetDlgItem
SendMessageA
EnableWindow
PostMessageA
GetMessagePos
ShowOwnedPopups
GetLastActivePopup
GetWindowPlacement
IsIconic
GetScrollInfo
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
gdi32
CreatePalette
GetObjectA
GetTextExtentPointA
StretchDIBits
CreateFontIndirectA
PtInRegion
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBitsToDevice
RealizePalette
DeleteObject
GetViewportOrgEx
DeleteDC
Rectangle
CreateSolidBrush
SetViewportOrgEx
GetTextMetricsA
CreateDIBitmap
GetDeviceCaps
CreateBitmap
GetStockObject
GetPaletteEntries
SelectObject
ScaleWindowExtEx
CreatePolygonRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
SetWindowExtEx
OffsetWindowOrgEx
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
SetRectRgn
CreateRectRgnIndirect
GetTextExtentPoint32A
CopyMetaFileA
GetTextColor
GetBkColor
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetDIBits
SetBkMode
SelectPalette
RestoreDC
SaveDC
StartDocA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetSystemPaletteEntries
SelectClipRgn
MaskBlt
CreateRoundRectRgn
StretchBlt
DPtoLP
LPtoDP
CreatePen
CreateDIBSection
ExtCreateRegion
CombineRgn
CreateDCA
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
SetFileSecurityA
RegCreateKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
GetFileSecurityA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyExA
shell32
ExtractIconA
DragFinish
SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ImageList_Read
ImageList_Merge
ImageList_Write
ImageList_Create
ImageList_Destroy
ImageList_LoadImageA
ord13
ord17
ord14
ImageList_Add
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragEnter
oledlg
ord8
ole32
CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance
CLSIDFromProgID
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoTreatAsClass
ReleaseStgMedium
OleRun
CLSIDFromString
CoDisconnectObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRegisterClassObject
olepro32
ord253
oleaut32
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
SafeArrayAllocDescriptor
VarCyFromStr
SafeArrayPutElement
SafeArrayGetElement
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayPtrOfIndex
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
SysAllocStringLen
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysFreeString
SysReAllocStringLen
SysStringLen
SysStringByteLen
VariantChangeType
SafeArrayCreate
SetErrorInfo
LoadTypeLi
VariantTimeToSystemTime
GetErrorInfo
CreateErrorInfo
VariantInit
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
gdiplus
GdipCloneImage
GdipCreateBitmapFromFile
GdipGetImageThumbnail
GdipAlloc
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSaveImageToFile
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipFree
Sections
.text  - Size: 1.1MB - Virtual size: 1.0MB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 200KB - Virtual size: 196KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  - Size: 40KB - Virtual size: 64KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata - Size: 20KB - Virtual size: 18KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  - Size: 4KB - Virtual size: 3KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc - Size: 64KB - Virtual size: 60KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
.rmnet - Size: 60KB - Virtual size: 60KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE