sgdboop-win64[.]zip

Resubmissions

12-04-2023 18:16

230412-wwx45afe4v 3

12-04-2023 18:13

230412-wtyymsfe3t 3

Sharing

Copy URL

Twitter E-mail

General

Target

sgdboop-win64.zip
Size

1.0MB
MD5

4a383822bd3d57c48fe58fdb1126b8b3
SHA1

91678d2bb644d4bfda1ad55ab18de608786c57c3
SHA256

cadc595a9c282c8bda4aff6b498d1cd6ce81502a5c93c3aaa83ea123cecadb85
SHA512

733b87ee75f7b2e411d553880f71fc1a2c5f02bfcafc8984127480a4335b4782b3a9a551eaf1dc02f2f631bcda2ba3a1af99614be343cd1ac6b18099891a3e51
SSDEEP

24576:iimwnkPkKqe2OpWYWGaYFVY7H8hwCgbL+twXjX9g:A8aL8Ohtfi7ewCgbL56

Score

1^/10

Malware Config

Signatures

Files

sgdboop-win64.zip
.zip
SGDBoop.exe
.exe windows x64

302cfe93a1e0a575fa75b5aab72e5be6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

iup

IupSetAttribute
IupSetGlobal
IupSetHandle
IupImage
IupMessage
IupListDialog
IupOpen

kernel32

GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
FindClose
FindFirstFileExW
FindNextFileW
GetFullPathNameW
GetModuleFileNameA
CreateHardLinkA
GetConsoleWindow
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

MoveWindow

libcurl

curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo
curl_slist_append
curl_easy_init

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__current_exception
__current_exception_context
__C_specific_handler
strstr

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_c_exit
_cexit
_initialize_onexit_table
__p___argv
_register_thread_local_exe_atexit_callback
_seh_filter_dll
_register_onexit_function
_execute_onexit_table
system
__p___argc
_exit
_set_errno
_crt_atexit
_crt_at_quick_exit
_seh_filter_exe
_set_app_type
exit
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
terminate

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vsprintf
_popen
_pclose
fwrite
ftell
fseek
__p__commode
fread
fopen
fgets
fclose
__stdio_common_vfprintf
__acrt_iob_func
fgetc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

wcstombs_s
mbstowcs_s
strtol
atoi
atoll

api-ms-win-crt-filesystem-l1-1-0

_mkdir
remove
_access

api-ms-win-crt-time-l1-1-0

asctime
_localtime64
_time64

api-ms-win-crt-string-l1-1-0

_stricmp
strcmp
strncmp
tolower
isspace

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 471B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iup.dll
.dll windows x64

dcca50d4592898608cf697e3d58d05c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetSystemInfo
GetCPInfoExA
GetVersionExA
LoadLibraryExW
GetSystemDirectoryW
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
GetLocalTime
ReadFile
CreateFileW
WriteFile
lstrcpyW
GlobalSize
GetFileAttributesW
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetTickCount
GetComputerNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
OutputDebugStringW
GetVersionExW
GetSystemDefaultUILanguage
GetModuleHandleW
WideCharToMultiByte
lstrcpynW
LocalFree
GetProcAddress
GetLastError
FormatMessageW
GetCurrentThreadId
CreateMutexW
GetModuleFileNameW
lstrlenW
GetCommandLineW
CompareStringW
GetCPInfoExW
MulDiv
MultiByteToWideChar
FreeLibrary
LoadLibraryW
Sleep
SwitchToThread
CreateThread
CloseHandle
GetCurrentThread
ExitThread
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetTempFileNameA
GetTempPathA
RtlCaptureContext

user32

ShowScrollBar
SetScrollInfo
DrawEdge
InflateRect
GetActiveWindow
MapWindowPoints
DragDetect
GetClipboardFormatNameW
RegisterClipboardFormatW
SetRect
DrawFrameControl
DrawTextW
FrameRect
IsClipboardFormatAvailable
SetClipboardData
GetClipboardData
GetForegroundWindow
EmptyClipboard
CloseClipboard
OpenClipboard
GetCaretPos
GetFocus
CreateMenu
EnableMenuItem
GetMenuInfo
CheckMenuItem
RemoveMenu
DrawMenuBar
DestroyMenu
SetMenu
SetMenuInfo
SetMenuItemInfoW
IsMenu
GetSubMenu
TrackPopupMenu
SetMenuItemBitmaps
CreatePopupMenu
InsertMenuItemW
CheckMenuRadioItem
GetMenuState
GetMenuItemInfoW
PtInRect
GetComboBoxInfo
ShowCursor
GetMenuItemID
MonitorFromWindow
SetWindowRgn
FillRect
EndDialog
UnregisterClassW
GetScrollInfo
GetWindowInfo
GetMonitorInfoW
RegisterClassW
DefMDIChildProcW
LockWindowUpdate
SetLayeredWindowAttributes
SetCapture
IsZoomed
GetDlgItem
UpdateLayeredWindow
ReleaseCapture
LoadImageW
InvalidateRect
IsIconic
BeginPaint
EndPaint
GetWindowRect
GetAsyncKeyState
GetDesktopWindow
GetCursorPos
GetClientRect
MessageBoxW
GetSysColor
GetMessageW
PostMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostThreadMessageW
PostQuitMessage
GetKeyState
VkKeyScanA
GetKeyboardLayout
MapVirtualKeyA
GetClassNameA
EnumDisplayMonitors
CallNextHookEx
UnhookWindowsHookEx
EnumWindows
DisableProcessWindowsGhosting
SetWindowsHookExW
SystemParametersInfoA
SetForegroundWindow
SetFocus
SystemParametersInfoW
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
GetMessageExtraInfo
CallWindowProcW
MapVirtualKeyW
GetScrollBarInfo
EnableScrollBar
SetScrollPos
GetCapture
DestroyCursor
GetWindow
CreateIconIndirect
SetTimer
KillTimer
MessageBoxIndirectW
DefFrameProcW
CreateMDIWindowW
DestroyWindow
GetDC
IsWindowVisible
SetWindowPos
SetWindowLongPtrW
CreateWindowExW
ScreenToClient
SendMessageW
GetSystemMetrics
SetWindowTextW
ChildWindowFromPointEx
GetWindowLongPtrW
ShowWindow
GetClassInfoW
RedrawWindow
ClientToScreen
TrackMouseEvent
DrawFocusRect
IsWindowEnabled
LoadCursorW
SetParent
SetCursor
SetWindowLongW
GetParent
RegisterWindowMessageW
SetCursorPos
ReleaseDC
SendInput
EnableWindow
GetWindowTextW
DestroyIcon

gdi32

BitBlt
GetMetaFileBitsEx
GetEnhMetaFileBits
SetBkColor
CreateFontIndirectW
CreateRectRgnIndirect
PatBlt
Polygon
ExtCreatePen
EndPath
SetPixelV
CreateCompatibleBitmap
BeginPath
SetGraphicsMode
FillPath
Arc
Pie
ModifyWorldTransform
SetViewportOrgEx
SetLayout
GetLayout
StretchBlt
TextOutW
SetBkMode
SetTextColor
SelectClipRgn
ExcludeClipRect
SetTextAlign
CreateDIBSection
GetObjectW
CreateBitmap
GetObjectType
CreateCompatibleDC
GetStockObject
CreatePatternBrush
CreateRectRgn
DeleteDC
SetDCBrushColor
CombineRgn
SelectObject
CreateFontW
GetTextMetricsW
GetTextExtentPoint32W
DeleteObject
CreateSolidBrush
GetDeviceCaps
Polyline

comdlg32

GetSaveFileNameW
ChooseFontW
GetOpenFileNameW

advapi32

ReportEventW
GetUserNameW
DeregisterEventSource
RegisterEventSourceW

shell32

ShellExecuteW
ord74
DragFinish
DragAcceptFiles
DragQueryPoint
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteExW

ole32

CoInitializeEx
CoCreateInstance
ReleaseStgMedium
CoUninitialize
OleInitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
OleUninitialize
CoLockObjectExternal

comctl32

ord14
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragShowNolock
ord13
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Add
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_DragLeave
ImageList_Draw
ImageList_GetImageInfo

vcruntime140

longjmp
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__C_specific_handler
__std_type_info_destroy_list
memset
__intrinsic_setjmp
memcpy
strstr
strchr
memmove

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc
calloc

api-ms-win-crt-stdio-l1-1-0

fwrite
ungetc
fseek
ferror
fread
feof
__stdio_common_vsprintf
getc
fclose
fopen
__stdio_common_vsscanf
__stdio_common_vfprintf
__stdio_common_vfscanf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

isalpha
tolower
wcsncpy
strcspn
strncpy
strncmp
strtok
isdigit
toupper
isalnum

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_cexit
_crt_atexit
_execute_onexit_table
_initterm
_initterm_e
_register_onexit_function
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-math-l1-1-0

acos
sqrt
atan2
cosf
sinf
sin
fmod
cos
ceil

Exports

Exports

IupAlarm
IupAnimatedLabel
IupAppend
IupBackgroundBox
IupButton
IupCalendar
IupCanvas
IupCbox
IupCboxV
IupCboxv
IupClassInfoDialog
IupClassMatch
IupClipboard
IupClose
IupColorBrowser
IupColorDlg
IupColorbar
IupConfig
IupConfigCopy
IupConfigDialogClosed
IupConfigDialogShow
IupConfigGetVariableDouble
IupConfigGetVariableDoubleDef
IupConfigGetVariableDoubleId
IupConfigGetVariableDoubleIdDef
IupConfigGetVariableInt
IupConfigGetVariableIntDef
IupConfigGetVariableIntId
IupConfigGetVariableIntIdDef
IupConfigGetVariableStr
IupConfigGetVariableStrDef
IupConfigGetVariableStrId
IupConfigGetVariableStrIdDef
IupConfigLoad
IupConfigRecentInit
IupConfigRecentUpdate
IupConfigSave
IupConfigSetListVariable
IupConfigSetVariableDouble
IupConfigSetVariableDoubleId
IupConfigSetVariableInt
IupConfigSetVariableIntId
IupConfigSetVariableStr
IupConfigSetVariableStrId
IupConvertXYToPos
IupCopyAttributes
IupCopyClassAttributes
IupCreate
IupCreateV
IupCreatep
IupCreatev
IupDatePick
IupDestroy
IupDetach
IupDetachBox
IupDial
IupDialog
IupDrawArc
IupDrawBegin
IupDrawEnd
IupDrawFocusRect
IupDrawGetClipRect
IupDrawGetImageInfo
IupDrawGetSize
IupDrawGetTextSize
IupDrawImage
IupDrawLine
IupDrawParentBackground
IupDrawPolygon
IupDrawRectangle
IupDrawResetClip
IupDrawSelectRect
IupDrawSetClipRect
IupDrawText
IupDropButton
IupElementPropertiesDialog
IupExecute
IupExecuteWait
IupExitLoop
IupExpander
IupFileDlg
IupFill
IupFlatButton
IupFlatFrame
IupFlatLabel
IupFlatList
IupFlatScrollBox
IupFlatSeparator
IupFlatTabs
IupFlatTabsV
IupFlatTabsv
IupFlatToggle
IupFlatTree
IupFlatVal
IupFlush
IupFontDlg
IupFrame
IupGauge
IupGetAllAttributes
IupGetAllClasses
IupGetAllDialogs
IupGetAllNames
IupGetAttribute
IupGetAttributeHandle
IupGetAttributeHandleId
IupGetAttributeHandleId2
IupGetAttributeId
IupGetAttributeId2
IupGetAttributes
IupGetBrother
IupGetCallback
IupGetChild
IupGetChildCount
IupGetChildPos
IupGetClassAttributes
IupGetClassCallbacks
IupGetClassName
IupGetClassType
IupGetColor
IupGetDialog
IupGetDialogChild
IupGetDouble
IupGetDoubleId
IupGetDoubleId2
IupGetFile
IupGetFloat
IupGetFloatId
IupGetFloatId2
IupGetFocus
IupGetFunction
IupGetGlobal
IupGetHandle
IupGetInt
IupGetInt2
IupGetIntId
IupGetIntId2
IupGetIntInt
IupGetLanguage
IupGetLanguageString
IupGetName
IupGetNextChild
IupGetParam
IupGetParamV
IupGetParamv
IupGetParent
IupGetRGB
IupGetRGBA
IupGetRGBId
IupGetRGBId2
IupGetText
IupGlobalsDialog
IupGridBox
IupGridBoxV
IupGridBoxv
IupHbox
IupHboxV
IupHboxv
IupHelp
IupHide
IupImage
IupImageGetHandle
IupImageRGB
IupImageRGBA
IupInsert
IupIsOpened
IupItem
IupLabel
IupLayoutDialog
IupLink
IupList
IupListDialog
IupLoad
IupLoadBuffer
IupLog
IupLogV
IupLoopStep
IupLoopStepWait
IupMainLoop
IupMainLoopLevel
IupMap
IupMenu
IupMenuV
IupMenuv
IupMessage
IupMessageAlarm
IupMessageDlg
IupMessageError
IupMessageV
IupMessagef
IupMultiBox
IupMultiBoxV
IupMultiBoxv
IupMultiLine
IupNextField
IupNormalizer
IupNormalizerV
IupNormalizerv
IupOpen
IupParam
IupParamBox
IupParamBoxV
IupParamBoxv
IupPlayInput
IupPopup
IupPostMessage
IupPreviousField
IupProgressBar
IupProgressDlg
IupRadio
IupRecordInput
IupRedraw
IupRefresh
IupRefreshChildren
IupReparent
IupResetAttribute
IupSaveClassAttributes
IupSaveImageAsText
IupSbox
IupScanf
IupScrollBox
IupSeparator
IupSetAtt
IupSetAttV
IupSetAttribute
IupSetAttributeHandle
IupSetAttributeHandleId
IupSetAttributeHandleId2
IupSetAttributeId
IupSetAttributeId2
IupSetAttributes
IupSetCallback
IupSetCallbacks
IupSetCallbacksV
IupSetClassDefaultAttribute
IupSetDouble
IupSetDoubleId
IupSetDoubleId2
IupSetFloat
IupSetFloatId
IupSetFloatId2
IupSetFocus
IupSetFunction
IupSetGlobal
IupSetHandle
IupSetInt
IupSetIntId
IupSetIntId2
IupSetLanguage
IupSetLanguagePack
IupSetLanguageString
IupSetRGB
IupSetRGBA
IupSetRGBId
IupSetRGBId2
IupSetStrAttribute
IupSetStrAttributeId
IupSetStrAttributeId2
IupSetStrGlobal
IupSetStrf
IupSetStrfId
IupSetStrfId2
IupSetStrfId2V
IupSetStrfIdV
IupSetStrfV
IupSetfAttribute
IupSetfAttributeId
IupSetfAttributeId2
IupShow
IupShowXY
IupSpace
IupSpin
IupSpinbox
IupSplit
IupStoreAttribute
IupStoreAttributeId
IupStoreAttributeId2
IupStoreGlobal
IupStoreLanguageString
IupStringCompare
IupSubmenu
IupTabs
IupTabsV
IupTabsv
IupText
IupTextConvertLinColToPos
IupTextConvertPosToLinCol
IupThread
IupTimer
IupToggle
IupTree
IupTreeGetId
IupTreeGetUserId
IupTreeSetAttributeHandle
IupTreeSetUserId
IupUnmap
IupUpdate
IupUpdateChildren
IupUser
IupVal
IupVbox
IupVboxV
IupVboxv
IupVersion
IupVersionDate
IupVersionNumber
IupVersionShow
IupZbox
IupZboxV
IupZboxv
iupArrayAdd
iupArrayCount
iupArrayCreate
iupArrayDestroy
iupArrayGetData
iupArrayInc
iupArrayInsert
iupArrayReleaseData
iupArrayRemove
iupAssert
iupAttribGet
iupAttribGetAllSaved
iupAttribGetBoolean
iupAttribGetBooleanId
iupAttribGetBooleanId2
iupAttribGetClassObject
iupAttribGetClassObjectId
iupAttribGetClassObjectId2
iupAttribGetDouble
iupAttribGetDoubleId
iupAttribGetDoubleId2
iupAttribGetFloat
iupAttribGetFloatId
iupAttribGetFloatId2
iupAttribGetHandleName
iupAttribGetId
iupAttribGetId2
iupAttribGetInherit
iupAttribGetInheritNativeParent
iupAttribGetInt
iupAttribGetIntId
iupAttribGetIntId2
iupAttribGetIntInt
iupAttribGetLocal
iupAttribGetStr
iupAttribIsIhandle
iupAttribIsNotString
iupAttribParse
iupAttribSet
iupAttribSetClassObject
iupAttribSetClassObjectId
iupAttribSetClassObjectId2
iupAttribSetDouble
iupAttribSetDoubleId
iupAttribSetDoubleId2
iupAttribSetFloat
iupAttribSetFloatId
iupAttribSetFloatId2
iupAttribSetHandleName
iupAttribSetId
iupAttribSetId2
iupAttribSetInt
iupAttribSetIntId
iupAttribSetIntId2
iupAttribSetStr
iupAttribSetStrId
iupAttribSetStrId2
iupAttribSetStrf
iupBackgroundBoxNewBaseClass
iupBaseCallValueChangedCb
iupBaseCanvasGetClientOffsetAttrib
iupBaseCanvasGetClientSizeAttrib
iupBaseComputeNaturalSize
iupBaseContainerGetExpandAttrib
iupBaseContainerUpdateExpand
iupBaseGetActiveAttrib
iupBaseGetCPaddingAttrib
iupBaseGetCSpacingAttrib
iupBaseGetClientOffsetAttrib
iupBaseGetClientSizeAttrib
iupBaseGetCurrentSizeAttrib
iupBaseGetExpandAttrib
iupBaseGetRasterSizeAttrib
iupBaseGetScrollbar
iupBaseGetSizeAttrib
iupBaseGetVisibleAttrib
iupBaseGetWidAttrib
iupBaseNativeParentGetBgColor
iupBaseNativeParentGetBgColorAttrib
iupBaseNoSaveCheck
iupBaseRegisterBaseCallbacks
iupBaseRegisterCommonAttrib
iupBaseRegisterCommonCallbacks
iupBaseRegisterVisualAttrib
iupBaseSetActiveAttrib
iupBaseSetCPaddingAttrib
iupBaseSetCSpacingAttrib
iupBaseSetCurrentSize
iupBaseSetExpandAttrib
iupBaseSetMaxSizeAttrib
iupBaseSetMinSizeAttrib
iupBaseSetNameAttrib
iupBaseSetPosition
iupBaseSetRasterSizeAttrib
iupBaseSetSizeAttrib
iupBaseSetVisibleAttrib
iupBaseTypeVoidMapMethod
iupBaseUpdateAttribFromFont
iupCallGetFocusCb
iupCallKillFocusCb
iupChildTreeAppend
iupChildTreeGetNativeParent
iupChildTreeGetNativeParentHandle
iupChildTreeGetPrevBrother
iupChildTreeIsParent
iupClassCallbackGetFormat
iupClassInfoGetDesc
iupClassInfoShowHelp
iupClassMatch
iupClassNew
iupClassObjectChildAdded
iupClassObjectChildRemoved
iupClassObjectComputeNaturalSize
iupClassObjectCreate
iupClassObjectDestroy
iupClassObjectDlgPopup
iupClassObjectGetInnerNativeContainerHandle
iupClassObjectHasDlgPopup
iupClassObjectLayoutUpdate
iupClassObjectMap
iupClassObjectSetChildrenCurrentSize
iupClassObjectSetChildrenPosition
iupClassObjectUnMap
iupClassRegisterAttribute
iupClassRegisterAttributeId
iupClassRegisterAttributeId2
iupClassRegisterCallback
iupClassRegisterGetAttribute
iupClassRegisterReplaceAttribDef
iupClassRegisterReplaceAttribFlags
iupClassRegisterReplaceAttribFunc
iupClassRelease
iupDataEntry
iupDialogGetNativeParent
iupDlgListAdd
iupDlgListCount
iupDlgListFirst
iupDlgListNext
iupDlgListRemove
iupDlgListVisibleCount
iupDlgListVisibleDec
iupDlgListVisibleInc
iupDrawCalcShadows
iupDrawColor
iupDrawColorMakeInactive
iupDrawGetTextFlags
iupDrawGetTextSize
iupDrawHorizSunkenMark
iupDrawParentBackground
iupDrawRaiseRect
iupDrawSetColor
iupDrawStrToColor
iupDrawSunkenRect
iupDrawVertSunkenMark
iupError
iupFlatDrawArrow
iupFlatDrawBorder
iupFlatDrawBox
iupFlatDrawCheckMark
iupFlatDrawDrawCircle
iupFlatDrawGetIconSize
iupFlatDrawIcon
iupFlatGetDarkerBgColor
iupFlatGetHorizontalAlignment
iupFlatGetImageName
iupFlatGetImageNameId
iupFlatGetImagePosition
iupFlatGetVerticalAlignment
iupFlatItemResetTip
iupFlatItemSetTip
iupFlatItemSetTipAttrib
iupFlatScrollBarCreate
iupFlatScrollBarGet
iupFlatScrollBarMotionUpdate
iupFlatScrollBarRegister
iupFlatScrollBarRelease
iupFlatScrollBarSetChildrenCurrentSize
iupFlatScrollBarSetChildrenPosition
iupFlatScrollBarSetPos
iupFlatScrollBarWheelUpdate
iupFlatSetActiveAttrib
iupFocusCanAccept
iupFocusNextInteractive
iupFontParsePango
iupFontParseWin
iupFontParseX
iupGetFontFaceAttrib
iupGetFontInfo
iupGetFontSizeAttrib
iupGetFontStyleAttrib
iupGetFontValue

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcurl.dll
.dll windows x64

8a7b403dd5c9a3dc5a36199d27883fe7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

htonl
ioctlsocket
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
__WSAFDIsSet
listen
accept
gethostname
freeaddrinfo
getaddrinfo
inet_ntop
inet_pton
WSAIoctl
select
WSAStartup
WSACleanup
recvfrom
sendto
WSASetLastError
getsockopt
getsockname
getpeername
connect
closesocket
bind
WSAGetLastError
send
WSACloseEvent
htons
ntohs
recv
socket
setsockopt

zlib1

inflateInit_
inflateInit2_
zlibVersion
inflate
inflateEnd

advapi32

CryptAcquireContextW
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext

crypt32

CertFreeCertificateContext
CryptDecodeObjectEx
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptStringToBinaryW
PFXImportCertStore
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringW
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFindCertificateInStore
CertFreeCertificateChain

bcrypt

BCryptGenRandom

kernel32

GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
FormatMessageW
SetLastError
GetLastError
GetCurrentProcessId
MoveFileExW
LoadLibraryW
GetEnvironmentVariableA
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
WaitForSingleObjectEx
CloseHandle
GetProcAddress
FreeLibrary
WideCharToMultiByte
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
VerSetConditionMask
GetModuleHandleA
CreateFileW
GetFileSizeEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
Sleep
VerifyVersionInfoW
MultiByteToWideChar
SleepEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection

vcruntime140

__std_type_info_destroy_list
memchr
strstr
wcschr
memcmp
memmove
strrchr
strchr
memset
memcpy
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

feof
fflush
_write
__stdio_common_vsscanf
ftell
fclose
__stdio_common_vsprintf
fputc
fputs
fgets
_read
fseek
fread
_lseeki64
__acrt_iob_func
fwrite
_wfopen
_wopen
_close

api-ms-win-crt-convert-l1-1-0

strtoul
strtoll
atoi
strtol
wcstombs

api-ms-win-crt-time-l1-1-0

_gmtime64
_time64
strftime

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_cexit
_initterm
_beginthreadex
_errno
__sys_errlist
__sys_nerr

api-ms-win-crt-string-l1-1-0

strncpy
strpbrk
wcsncpy
_strdup
strcmp
wcsncmp
strspn
strncmp
strcspn
wcspbrk
_wcsdup

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_waccess
_unlink
_fstat64
_wstat64

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
realloc

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_header
curl_easy_init
curl_easy_nextheader
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_url_strerror
curl_version
curl_version_info
curl_ws_meta
curl_ws_recv
curl_ws_send

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows x64

d879d2294039900ef484e0f01607f882

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memmove
memchr
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-runtime-l1-1-0

_errno
strerror
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine_gen
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

302cfe93a1e0a575fa75b5aab72e5be6

Headers

DLL Characteristics

File Characteristics

Imports

iup

kernel32

user32

libcurl

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.idata Size: 7KB - Virtual size: 7KB

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 218KB - Virtual size: 218KB

.reloc Size: 512B - Virtual size: 471B

dcca50d4592898608cf697e3d58d05c2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 148KB - Virtual size: 147KB

.data Size: 5KB - Virtual size: 401KB

.pdata Size: 59KB - Virtual size: 58KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 800B

8a7b403dd5c9a3dc5a36199d27883fe7

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

zlib1

advapi32

crypt32

bcrypt

kernel32

vcruntime140

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.idata
Size: 7KB - Virtual size: 7KB

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 218KB - Virtual size: 218KB

.reloc
Size: 512B - Virtual size: 471B

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 148KB - Virtual size: 147KB

.data
Size: 5KB - Virtual size: 401KB

.pdata
Size: 59KB - Virtual size: 58KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 800B

.text
Size: 373KB - Virtual size: 372KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 9KB - Virtual size: 11KB

.pdata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 108B