Static task: static1
Behavioral task: behavioral1
Sample: CurtainsConfig.exe
Resource: win10v2004-20230220-es
General
Target: CurtainsConfig.exe
Size: 4.8MB
MD5: ee963431622c4d455bcd2025d4b3a31a
SHA1: 48483332d859ace21c3d3091251e3b8fe5343c37
SHA256: f1a046bc09beac1d518077e0291d26f37e4dbcbc8e89bc97923725b4d343348a
SHA512: 301ea8299790cde823a37efb4dae9de67afdb4a36f50b6861d192b7131f2179d11813d1c4996a924993cecf02d6fa2d9dc94dee10c755db2dd351f0513eaac9b
SSDEEP: 98304:Cd3ntCh8pfTM+xp3qUNn+NkDPiIswGsIuEy8pa7zi5WenROibIHF9Nxg:WXt51/xp3f1+NMPPz/ifU725WeIWI8
Files
CurtainsConfig.exe.exe windows x86
baebdcdbf4ae16abc6a5f039cda2a455
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipGetImageEncoders
GdipDrawImageRectI
GdipCreateFromHDC
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDrawImageRectRect
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdiplusStartup
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCloneImage
uxtheme
DrawThemeParentBackground
GetWindowTheme
GetThemePartSize
GetThemeSysColor
BufferedPaintInit
DrawThemeBackground
CloseThemeData
OpenThemeData
EndBufferedPaint
BeginBufferedPaint
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetCurrentThemeName
GetThemeColor
IsAppThemed
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wininet
InternetCrackUrlA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
dwmapi
DwmSetWindowAttribute
DwmGetColorizationColor
kernel32
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
CreateDirectoryW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
VirtualAlloc
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindResourceExW
GetFileSize
GetFileAttributesW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
lstrcpyW
ResumeThread
CompareStringA
GetVersionExW
GetThreadLocale
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FormatMessageW
LocalFree
GlobalSize
FreeResource
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
VirtualQuery
VirtualProtect
GetSystemInfo
GetUserGeoID
GetWindowsDirectoryW
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
FreeLibrary
CreateFileW
LoadLibraryW
GetModuleHandleExA
InterlockedDecrement
GetSystemDirectoryW
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcess
GetPrivateProfileSectionNamesW
ReadFile
WriteFile
CreateFileA
WaitNamedPipeA
GetCurrentProcessId
ProcessIdToSessionId
GetPrivateProfileSectionW
CloseHandle
GetModuleFileNameA
FindNextFileA
FindFirstFileA
GetCurrentThread
SetThreadPriority
GlobalFindAtomW
RemoveDirectoryW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryExA
GetUserPreferredUILanguages
DeleteFileW
WaitForSingleObject
CreateEventW
VerifyVersionInfoW
VerSetConditionMask
InitializeCriticalSection
DeleteCriticalSection
CompareStringW
GetModuleHandleA
OutputDebugStringW
FindClose
FindNextFileW
FindFirstFileW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
WritePrivateProfileSectionW
CopyFileW
Sleep
GetModuleHandleW
MulDiv
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProductInfo
GetProcAddress
GetModuleFileNameW
LoadLibraryA
GlobalAddAtomW
SetEvent
lstrlenW
MultiByteToWideChar
FileTimeToSystemTime
WideCharToMultiByte
GetTickCount
GetLastError
lstrcatA
lstrlenA
lstrcmpA
SetLastError
GetComputerNameA
FindResourceW
LoadResource
LockResource
SizeofResource
EncodePointer
SystemTimeToTzSpecificLocalTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
SetRect
SetCursorPos
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
LoadImageW
UnionRect
GetMenuDefaultItem
DeleteMenu
GetSystemMenu
CharUpperW
TrackMouseEvent
RealChildWindowFromPoint
ShowOwnedPopups
SetWindowContextHelpId
PostQuitMessage
MapDialogRect
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
GetSysColorBrush
DrawEdge
NotifyWinEvent
IsRectEmpty
InflateRect
InvertRect
DrawFocusRect
HideCaret
MessageBeep
EnableScrollBar
GetAsyncKeyState
LoadMenuW
IsDialogMessageW
CheckDlgButton
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
WinHelpW
SetScrollInfo
GetTopWindow
EqualRect
CopyRect
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
GetMessageTime
GetMessagePos
SetRectEmpty
SendDlgItemMessageA
TabbedTextOutW
GrayStringW
DrawTextExW
RemoveMenu
InsertMenuW
LockWindowUpdate
GetMenuState
GetLastActivePopup
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
LoadBitmapW
GetClassNameW
DrawStateW
SetWindowRgn
DrawIcon
EnumDisplayMonitors
LoadIconW
MonitorFromPoint
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
GetWindow
CreateWindowExA
DestroyWindow
RegisterClassW
IsIconic
SwitchToThisWindow
GetMenuItemID
GetMenuStringW
UnregisterClassW
GetWindowThreadProcessId
MessageBoxW
OffsetRect
GetMonitorInfoW
MonitorFromWindow
GetCapture
GetScrollInfo
ReleaseCapture
SystemParametersInfoW
SetMenuDefaultItem
EnumWindows
BroadcastSystemMessageW
RegisterWindowMessageA
FindWindowW
ClientToScreen
SetActiveWindow
CallNextHookEx
SetForegroundWindow
GetForegroundWindow
GetClassNameA
IsWindow
FindWindowA
PostMessageW
UpdateWindow
DefWindowProcW
DrawTextA
DrawFrameControl
GetMenuInfo
GetClassLongW
GetMenuItemInfoW
GetMenuItemCount
GetMenu
GetSysColor
UpdateLayeredWindow
MoveWindow
SetLayeredWindowAttributes
SetWindowPos
GetWindowTextA
SetWindowTextA
DestroyIcon
GetKeyState
SetCursor
LoadCursorW
ScreenToClient
CreateIconIndirect
GetIconInfo
GetDlgCtrlID
GetDesktopWindow
SendMessageA
GetWindowRect
GetWindowDC
wsprintfW
IntersectRect
EndPaint
BeginPaint
WindowFromPoint
GetCursorPos
ScrollWindowEx
RegisterWindowMessageW
KillTimer
DestroyMenu
GetDoubleClickTime
CopyIcon
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
PostThreadMessageW
SubtractRect
GetUpdateRect
GetWindowRgn
DestroyCursor
CreateMenu
MapVirtualKeyExW
GetSubMenu
IsCharLowerW
UnhookWindowsHookEx
TrackPopupMenu
AppendMenuW
SetWindowsHookExW
CreatePopupMenu
RemovePropW
WindowFromDC
RedrawWindow
SetTimer
MapWindowPoints
ReleaseDC
GetDC
SetPropW
GetWindowTextW
IsWindowEnabled
IsWindowVisible
MessageBoxA
ShowWindow
SetWindowTextW
wsprintfA
GetSystemMetrics
CopyImage
DrawIconEx
GetFocus
DrawTextW
InternalGetWindowText
GetParent
GetWindowLongW
SetCapture
PtInRect
GetPropW
SetFocus
InvalidateRect
RemovePropA
CallWindowProcW
GetPropA
EnableWindow
FillRect
GetClientRect
SetWindowLongW
SetPropA
SendMessageW
GetDlgItem
GetWindowTextLengthW
GetProcessWindowStation
GetUserObjectInformationW
gdi32
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateEllipticRgn
Ellipse
GetBkColor
PatBlt
CreatePolygonRgn
Polygon
Polyline
SetMapMode
EnumFontFamiliesW
GetTextCharsetInfo
GetMapMode
DPtoLP
CreateRoundRectRgn
CreatePalette
GetPaletteEntries
RealizePalette
SetDIBColorTable
GetRgnBox
OffsetRgn
RoundRect
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FrameRgn
PtInRegion
SetPixelV
FillRgn
GetBoundsRect
GetViewportOrgEx
GetWindowOrgEx
GetTextFaceW
SelectPalette
SaveDC
RestoreDC
RectVisible
PtVisible
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
ExcludeClipRect
Escape
CreatePatternBrush
CreateDCW
CopyMetaFileW
GetClipBox
GetTextMetricsW
SetRectRgn
SetBrushOrgEx
LPtoDP
CreatePen
GetPixel
CreateBitmap
CreateDIBSection
StretchDIBits
StretchBlt
GetClipRgn
CreateCompatibleBitmap
ExtSelectClipRgn
CombineRgn
LineTo
MoveToEx
ExtTextOutW
SelectClipRgn
CreateRectRgn
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateFontW
Rectangle
CreateHatchBrush
SetDCBrushColor
SetDCPenColor
SetPixel
GetTextColor
CreateFontA
SetTextColor
CreateSolidBrush
GetCurrentObject
SetDIBitsToDevice
GetDIBits
BitBlt
SetStretchBltMode
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateDIBitmap
GetStockObject
SetBkMode
comdlg32
ChooseColorW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegDeleteKeyExW
RegCreateKeyExA
RegDeleteKeyExA
GetTokenInformation
RegDeleteKeyW
OpenProcessToken
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyA
CryptEncrypt
CryptDecrypt
CryptSetKeyParam
CryptAcquireContextW
CryptDestroyKey
RegEnumValueA
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueA
RegCreateKeyA
CryptReleaseContext
CryptDestroyHash
CryptVerifySignatureW
CryptHashData
CryptCreateHash
CryptImportKey
CryptAcquireContextA
RegOpenKeyExA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
shell32
SHAppBarMessage
ShellExecuteA
ShellExecuteW
SHGetFolderPathW
SHGetFileInfoW
SHGetDesktopFolder
SHParseDisplayName
SHCreateShellItemArrayFromIDLists
SHBrowseForFolderW
SHGetFolderPathA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHGetPathFromIDListW
shlwapi
UrlEscapeA
PathFileExistsW
SHCreateStreamOnFileEx
SHDeleteKeyW
PathFileExistsA
PathAppendA
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
ole32
CoInitializeEx
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
CLSIDFromString
CoCreateGuid
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemFree
oleaut32
VariantClear
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VariantChangeType
SysFreeString
SysAllocString
VariantInit
oledlg
OleUIBusyW
urlmon
URLDownloadToCacheFileW
UrlMkSetSessionOption
crypt32
CryptBinaryToStringW
CryptVerifyMessageSignature
CertGetNameStringW
CertFreeCertificateContext
CryptStringToBinaryW
CertGetNameStringA
CryptStringToBinaryA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
timeBeginPeriod
timeEndPeriod
timeSetEvent
timeGetTime
PlaySoundW
Sections
.text Size: - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 446KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 4.4MB - Virtual size: 4.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 418KB - Virtual size: 576KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ