copland[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

copland.exe
Size

441KB
MD5

d7548e99ab43e47899a69058b2c38650
SHA1

611a4f037b6ffdd83cf630185ab1b44ca8902849
SHA256

27716c621f916f63b89dfbe9522689465713329df2f694ea9e0f427bbc516f51
SHA512

a5aba8271d878861c942e8890bde15742958e2016b57d514470a0ced7e70bd09f059e6f1394258492c4088198dde2042622a0a9a974aa7d30fdf02126ec48782
SSDEEP

12288:v67lBZl0yDF8fF3Jyf+ggjg/BsND954A3Ka7UMR:C7LZl/DF8fdZOIVF

Score

N/A

Malware Config

Signatures

Files

copland.exe
.exe windows x86

5f0b44c8448512350136260d6c19bbb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentStrings
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
LCMapStringA
HeapDestroy
HeapCreate
FreeLibrary
lstrlenA
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
CloseHandle
ReadFile
SetFilePointer
CreateFileA
LocalFree
LocalAlloc
GetModuleFileNameA
MulDiv
GetOEMCP
GetCPInfo
GetDriveTypeA
GlobalHandle
FindResourceA
LoadResource
GetProfileStringA
GetFileInformationByHandle
PeekNamedPipe
HeapSize
HeapReAlloc
GetACP
TerminateProcess
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
GlobalGetAtomNameA
GlobalAddAtomA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetVersionExA
GetProcessVersion
LocalReAlloc
GlobalFlags
GetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
SetEnvironmentVariableA
SizeofResource
LockResource
SetEndOfFile
UnlockFile
FlushFileBuffers
LockFile
GlobalReAlloc
lstrcmpA
DuplicateHandle
SetLastError
WideCharToMultiByte
MultiByteToWideChar
lstrcatA
lstrcpynA
GetVersion
GetSystemInfo
GetCurrentProcess
SetPriorityClass
Sleep
GetExitCodeThread
InterlockedIncrement
GetProcAddress
InterlockedDecrement
InterlockedExchange
SetEvent
LoadLibraryA
GetSystemTime
CreateEventA
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
CreateThread
WaitForSingleObject
GlobalFree
GetFileSize
WriteFile
OutputDebugStringA
TlsFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
TlsGetValue
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GetLastError
lstrcmpiA
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW

user32

LoadBitmapA
BeginPaint
EndPaint
TabbedTextOutA
ShowOwnedPopups
CharUpperA
GetCursorPos
ValidateRect
DestroyMenu
LoadStringA
GetClassNameA
GetSysColorBrush
WindowFromPoint
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetMenuCheckMarkDimensions
GetWindowDC
CallNextHookEx
SetPropA
SetForegroundWindow
GetPropA
CallWindowProcA
GetMessagePos
GetWindow
SetWindowPos
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetWindowLongA
DefWindowProcA
RegisterClassExA
CreateWindowExA
SetWindowLongA
DestroyWindow
MsgWaitForMultipleObjects
GetMessageA
PostThreadMessageA
wsprintfA
wvsprintfA
GetActiveWindow
DrawTextA
MessageBoxA
GetTabbedTextExtentA
IsRectEmpty
PeekMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
IsWindowVisible
GetDesktopWindow
GetKeyState
LoadMenuA
GetSubMenu
GetParent
SetWindowRgn
FindWindowA
IsWindow
SetCapture
ReleaseCapture
LoadCursorA
SetCursor
ClientToScreen
IsIconic
DrawIcon
SendMessageA
GetClientRect
GetWindowRect
SystemParametersInfoA
LoadIconA
PostQuitMessage
SetRect
PostMessageA
ReleaseDC
IntersectRect
OffsetRect
GetSystemMetrics
DrawFocusRect
FrameRect
PtInRect
KillTimer
SetTimer
UnionRect
InflateRect
InvalidateRect
GrayStringA
UpdateWindow
DrawFrameControl
EnableWindow
GetDC
GetMenuState
ModifyMenuA
GetDlgCtrlID
SetWindowsHookExA
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
RemovePropA
DeferWindowPos
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

RealizePalette
SelectObject
GetMapMode
CreateCompatibleDC
GetObjectA
DeleteObject
GetTextExtentPointA
CreateDIBitmap
CreateBitmap
DeleteEnhMetaFile
PlayEnhMetaFile
SetEnhMetaFileBits
GetEnhMetaFileBits
CreatePalette
GetStockObject
CreateFontA
CreateFontIndirectA
CreatePen
CreateSolidBrush
Polygon
Ellipse
GetSystemPaletteEntries
GetDIBits
CreateCompatibleBitmap
ExtCreateRegion
PatBlt
CombineRgn
CreatePolygonRgn
CreateDCA
CreateRectRgn
EndDoc
EndPage
AbortDoc
DPtoLP
StartDocA
StartPage
GetTextMetricsA
DeleteDC
GetCharWidthA
SetBkMode
SetTextColor
TextOutA
StretchDIBits
SetMapMode
SetBkColor
RestoreDC
SaveDC
BitBlt
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
PtVisible
RectVisible
ExtTextOutA
Escape
DeleteMetaFile
CloseMetaFile
GetTextAlign
SelectPalette
GetDeviceCaps

comdlg32

PrintDlgA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ord17
ImageList_Destroy

wsock32

gethostbyname
connect
socket
htonl
bind
listen
htons
WSAGetLastError
closesocket
getsockname
ntohs
ntohl
select
recvfrom
recv
sendto
send
accept
WSACleanup
WSAStartup

winmm

waveOutWrite
mciSendStringA
mixerGetLineControlsA
mmioSeek
mmioRead
mmioClose
mmioOpenA
waveOutSetVolume
waveOutRestart
waveOutGetVolume
waveOutGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerClose
mixerGetNumDevs
mciSendCommandA
waveOutGetNumDevs
PlaySoundA
waveOutReset
waveOutPause
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutOpen
waveOutClose
mixerOpen

Sections

.text
Size: 347KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.petite
Size: 5KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f0b44c8448512350136260d6c19bbb9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

winmm

Sections

.text Size: 347KB - Virtual size: 852KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 13KB - Virtual size: 16KB

.petite Size: 5KB - Virtual size: 52KB

.text
Size: 347KB - Virtual size: 852KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 13KB - Virtual size: 16KB

.petite
Size: 5KB - Virtual size: 52KB