Static task: static1
Behavioral task: behavioral1
  Sample: 44c2ca6291f77c820a845f3011cf28d8c7890153f0ebbb9add13ed423de08824.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 44c2ca6291f77c820a845f3011cf28d8c7890153f0ebbb9add13ed423de08824.exe
  Resource: win10v2004-20220901-en
General
Target: 44c2ca6291f77c820a845f3011cf28d8c7890153f0ebbb9add13ed423de08824
Size: 666KB
MD5: f01804e7b5f95c91f07a2e43684bb1c1
SHA1: e2a8dbc3a212ec7900962180265f84845a6c9b58
SHA256: 44c2ca6291f77c820a845f3011cf28d8c7890153f0ebbb9add13ed423de08824
SHA512: 9a59f99ce02dd222cb1547f2bf9b814b302178a27fbac423129a8ee31348d4bb9f974b03248ee467eab5b2c29eade7f7f07be92dcf33bf4d7750a61848d39dd0
SSDEEP: 12288:clWwqLkgsqCBJPeeu1rZxpBhkuLgYNskX5Fe1NXh71aNz:HoBAxZxDgYNskX5FsNCNz
Malware Config
Signatures
Files
44c2ca6291f77c820a845f3011cf28d8c7890153f0ebbb9add13ed423de08824.exe  windows x86  1a4f2c41e6ac53922f99b55d2c8f609d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gsio
?SetColorType@CDwgExport@@QAEXH@Z
?DeleteDrawing@CDrawing@@SAXPAV1@@Z
?CreateDrawing@CDrawing@@SAPAV1@W4CDRAWING_SERVER@@@Z
g_U2A
?SetExportNoneDb@CDwgExport@@QAEX_N@Z
?SetCanExport@CDwgExport@@QAEX_N@Z
UninitDLL
InitDLL
?SetOpt@CDwgExport@@QAEX_N@Z
g_A2U
gs_A2U
DWG_SetSearchDirectories
??1CDwgExport@@UAE@XZ
??0CDwgExport@@QAE@XZ
?SetExtendMode@CDwgExport@@UAEX_N@Z
?GetExtendMode@CDwgExport@@UAE_NXZ
?TextParam@CDwgExport@@UAEXPBD0NNNN@Z
?PushClipPolygon@CDwgExport@@UAEXHPAUPointStruct@@@Z
CommonPenSets_SetDPI
gs_U2A
?PopClipPolygon@CDwgExport@@UAEXXZ
?Raster@CDwgExport@@UAEXNNNNHHHHPAX0J0_NK@Z
?endProgress@CDwgExport@@UAEXPBD@Z
?progress@CDwgExport@@UAEXPBDJ@Z
?beginProgress@CDwgExport@@UAEXPBDJJ@Z
?ShellCallback@CDwgExport@@UAEXW4ShellType@@@Z
?ExportOriginalScaleRaster@CDwgExport@@UAE_NXZ
?NeedRasterOutline@CDwgExport@@UAE_NXZ
?ExportAllObject@CDwgExport@@UAE_NXZ
?GetBkColor@CDwgExport@@UAEKXZ
?SetDevice2WorldMatrix@CDwgExport@@UAEXQAY03$$CBN@Z
?NeedActualCoordinate@CDwgExport@@UAE_NXZ
?SupportTTF@CDwgExport@@UAE_NXZ
?CanDrawArc@CDwgExport@@UAE_NXZ
?CanDrawRaster@CDwgExport@@UAE_NXZ
DWG_SetBackgroundColor
gsui
?UpdatePenSetsToGsIO@PrintPenSet@GsUI@@QAEXXZ
createWaterMarkSetting
hasNeededResource
saveLogFile
beginExportObject
drawWaterMark
showNeededResource
releaseWaterMarkSetting
releaseGsUI
?init@PrintPenSet@GsUI@@QAEXXZ
initGsUI
releaseAdvancedExportParam
createAdvancedExportParam
showLog
showPlotStyleDialog
?g_printPenSet@GsUI@@3VPrintPenSet@1@A
iow
FileDialogUnicode
kernel32
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetModuleFileNameW
GetModuleHandleW
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
RtlUnwind
Sleep
ExitProcess
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapReAlloc
VirtualAlloc
HeapSize
GetACP
IsValidCodePage
HeapCreate
VirtualFree
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LocalAlloc
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
GetModuleFileNameA
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
GetLastError
SetLastError
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
FreeResource
WriteFile
CreateFileA
CloseHandle
GetFileSize
ReadFile
GlobalReAlloc
SetFilePointer
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
lstrcpyA
HeapAlloc
HeapFree
FindFirstFileW
FindNextFileW
lstrlenA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
SetErrorMode
CreateDirectoryA
GetDriveTypeA
FindFirstFileA
FindClose
GlobalFlags
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
InterlockedDecrement
FileTimeToSystemTime
user32
DrawTextExA
GrayStringA
BeginPaint
EndPaint
CharUpperA
GetSysColorBrush
UnregisterClassA
TabbedTextOutA
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RedrawWindow
DrawTextA
TrackMouseEvent
InvalidateRect
GetWindowRect
LoadCursorA
SetCursor
GetDC
ReleaseDC
LoadBitmapA
GetSysColor
ScreenToClient
ClientToScreen
GetCursorPos
GetParent
DestroyMenu
LoadIconA
UpdateWindow
GetClientRect
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
GetSystemMetrics
SetTimer
KillTimer
PostMessageA
SendMessageA
EnableWindow
SetDlgItemTextW
GetActiveWindow
gdi32
SelectObject
SetBkColor
SetMapMode
CreateBitmap
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
GetTextExtentPoint32A
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtTextOutA
DeleteDC
MoveToEx
LineTo
DeleteObject
GetStockObject
GetDeviceCaps
GetObjectA
CreateSolidBrush
SetBkMode
RestoreDC
SaveDC
CreatePen
SetTextColor
GetClipBox
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
shell32
SHGetDesktopFolder
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListW
DragQueryFileA
SHGetFileInfoA
SHGetPathFromIDListA
comctl32
ord17
shlwapi
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
ole32
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
oleaut32
VariantChangeType
VariantClear
VariantInit
Sections
.text Size: 428KB - Virtual size: 428KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ