BlompInstall-0[.]9[.]13[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

BlompInstall-0.9.13.exe
Size

49.2MB
MD5

c3f339cf4cbdf782ec28e9aa7b2a5eae
SHA1

ebfe8b871b485434c9964c7666379f252238d84f
SHA256

d95b7f9322cf1fdd521b2a9ecd48babab423be31dda2f0f751376794ca42144e
SHA512

dc9de6e53d3ac3635a0d88d39e7b420e85beeaaa83c107665c621442a270404a93d7631282f8628867b2026392e71e1ec8cab2167cdc9eccf0327d6475c6605f
SSDEEP

786432:XDLvEQbtxwjhhh8jatZar6FMXAT432BJYMo3nLnLhaDgrP7KBukY0kVIJoP5:X3EQShhh8jao6FMu47nLnLhaEM1wP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BlompInstall-0.9.13.exe

Files

BlompInstall-0.9.13.exe
.exe windows x86

13446aca646f90c180e5fb20bd17a679

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetDefaultIMEWnd
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext

oleaut32

VariantCopy
VariantClear
SysAllocStringLen
SysAllocString
SafeArrayPutElement
SafeArrayCreateVector
SysFreeString

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

gdi32

ExtTextOutW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SetPixelFormat
ChoosePixelFormat
SetWorldTransform
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
SetTextAlign
GetDIBits
SetTextColor
GetTextFaceW
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
GetGlyphOutlineW
GetCharABCWidthsFloatW
CreateBitmap
GetCharABCWidthsW
SetGraphicsMode

uxtheme

IsAppThemed
GetCurrentThemeName
DrawThemeBackground
GetThemeSysFont
GetThemeBool
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
ord47
IsThemeActive
GetThemeTransitionDuration
GetThemePropertyOrigin
GetThemeMargins
GetThemeEnumValue
GetThemeInt
GetThemeColor
GetThemePartSize
OpenThemeData
CloseThemeData
SetWindowTheme
DrawThemeTextEx
SetWindowThemeAttribute

dwmapi

DwmEnableBlurBehindWindow
DwmIsCompositionEnabled
DwmDefWindowProc
DwmExtendFrameIntoClientArea

iphlpapi

ConvertInterfaceNameToLuidW
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToIndex
ConvertInterfaceIndexToLuid
GetAdaptersAddresses

crypt32

CertGetCertificateChain
CertCreateCertificateContext
CertFreeCertificateChain
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertFreeCertificateContext

user32

GetWindowLongW
WindowFromDC
UnregisterDeviceNotification
PostMessageW
DrawMenuBar
GetSystemMenu
RemoveMenu
EnumWindows
GetWindowThreadProcessId
SendMessageTimeoutW
CharUpperW
GetSystemMetrics
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
DrawIconEx
ChangeWindowMessageFilterEx
RealGetWindowClassW
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
EnumDisplayDevicesW
RegisterClassW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
SetParent
GetParent
SetWindowLongW
CallWindowProcW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
ReleaseCapture
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
RegisterDeviceNotificationW
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowPos
KillTimer
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
PostThreadMessageW
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
RemovePropW
GetPropW
SetPropW
GetCapture
SetCapture

ws2_32

gethostname
WSAAsyncSelect
listen
WSACleanup
WSAStartup
WSASetLastError
send
recv
WSASocketW
WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohs
WSAIoctl
WSAHtonl
WSAConnect
WSAAccept
setsockopt
select
htonl
ntohl
WSAGetLastError
getaddrinfo
freeaddrinfo
getnameinfo
getsockopt
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
htons
WSANtohl

advapi32

RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
DuplicateToken
CopySid
AccessCheck
SystemFunction036
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
GetFileSecurityW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegNotifyChangeKeyValue
AddAccessAllowedAce
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
RegQueryInfoKeyW

mpr

WNetGetUniversalNameA

netapi32

NetShareEnum
NetApiBufferFree

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

CreateMutexW
ReleaseMutex
TryEnterCriticalSection
QueueUserWorkItem
GetTempPathA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
CreateTimerQueue
GetTempFileNameA
VerSetConditionMask
VerifyVersionInfoW
EncodePointer
DecodePointer
GetStringTypeW
RaiseException
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetUserGeoID
GetGeoInfoW
FindNextChangeNotification
FindFirstFileExW
SetFilePointerEx
GetFileInformationByHandleEx
TzSpecificLocalTimeToSystemTime
GetNumaHighestNodeNumber
CopyFileW
GetLogicalDrives
GetFullPathNameW
GetFileAttributesW
WriteFileEx
SleepEx
CancelIoEx
PeekNamedPipe
ReadFileEx
RegisterWaitForSingleObject
UnregisterWaitEx
LCMapStringW
CompareStringW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetTickCount64
QueryPerformanceFrequency
GetProcessId
GetExitCodeProcess
WaitForSingleObjectEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
SwitchToThread
Sleep
DuplicateHandle
GetLocalTime
GetStartupInfoW
CompareStringEx
IsProcessorFeaturePresent
OutputDebugStringW
GetNativeSystemInfo
ReadConsoleW
ReadConsoleA
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
QueryPerformanceCounter
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleExW
SystemTimeToFileTime
GetSystemTime
SetHandleInformation
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
GlobalFree
WaitNamedPipeW
DisconnectNamedPipe
CreateFileMappingW
VirtualProtect
GetTimeZoneInformation
ExitProcess
GetVolumeInformationW
GetUserDefaultLangID
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalLock
GlobalUnlock
GlobalAlloc
CheckRemoteDebuggerPresent
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
lstrcmpW
WaitForMultipleObjects
GetSystemInfo
VirtualFree
VirtualAlloc
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
GetVersionExW
FileTimeToDosDateTime
GetSystemTimeAsFileTime
LoadLibraryW
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
GetLogicalDriveStringsW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
GetFileInformationByHandle
MoveFileW
GetModuleHandleW
GetSystemDirectoryW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetProcessAffinityMask
SetThreadAffinityMask
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
RtlUnwind
ExitThread
GetACP
SystemTimeToTzSpecificLocalTime
SetConsoleCtrlHandler
GetCommandLineA
GetConsoleCP
SetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
GetModuleFileNameA
CreateProcessA
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetOEMCP
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
FindFirstFileExA
FindNextFileA
WriteConsoleW
MoveFileExW
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
OpenEventW
GetStdHandle
GetFileType
GetLargestConsoleWindowSize
SetConsoleScreenBufferSize
FreeConsole
AttachConsole
AllocConsole
SetConsoleMode
GetConsoleWindow
GetCommandLineW
CloseHandle
CreateProcessW
LocalFree
FormatMessageW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
GetEnvironmentVariableW
GetCurrentProcess
IsWow64Process
OpenProcess
GetLogicalDriveStringsA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDiskFreeSpaceExA
GetDriveTypeA
GetDriveTypeW
GetVolumePathNamesForVolumeNameW
SetErrorMode
WaitForSingleObject
TerminateProcess
GetLastError
FileTimeToSystemTime
CreateFileW
DeviceIoControl
FlushFileBuffers
LockFile
UnlockFile
WriteFile
CompareFileTime
GetProcAddress
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
HeapSize

shell32

SHGetKnownFolderPath
CommandLineToArgvW
SHParseDisplayName
ord155
Shell_NotifyIconGetRect
Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromParsingName
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHChangeNotify
SHGetFolderLocation
ShellExecuteExW
SHGetFolderPathW

ole32

CoGetMalloc
CoCreateGuid
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitializeEx
StringFromGUID2
ReleaseStgMedium
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoLockObjectExternal

winmm

timeKillEvent
timeSetEvent

d3d9

D3DPERF_SetMarker
D3DPERF_GetStatus
Direct3DCreate9
D3DPERF_EndEvent
D3DPERF_BeginEvent

bcrypt

BCryptGenRandom

Exports

Exports

??0PlatformMethods@angle@@QAE@XZ
??4PlatformMethods@angle@@QAEAAU01@$$QAU01@@Z
??4PlatformMethods@angle@@QAEAAU01@ABU01@@Z
_ANGLEGetDisplayPlatform@20
_ANGLEResetDisplayPlatform@4

Sections

.text
Size: 14.2MB - Virtual size: 14.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 239B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13446aca646f90c180e5fb20bd17a679

Headers

DLL Characteristics

File Characteristics

Imports

imm32

oleaut32

wtsapi32

gdi32

uxtheme

dwmapi

iphlpapi

crypt32

user32

ws2_32

advapi32

mpr

netapi32

userenv

version

kernel32

shell32

ole32

winmm

d3d9

bcrypt

Exports

Exports

Sections

.text Size: 14.2MB - Virtual size: 14.2MB

.rdata Size: 5.5MB - Virtual size: 5.5MB

.data Size: 228KB - Virtual size: 371KB

.qtmetad Size: 512B - Virtual size: 239B

.tls Size: 512B - Virtual size: 13B

.gfids Size: 3KB - Virtual size: 2KB

_RDATA Size: 512B - Virtual size: 304B

.rsrc Size: 190KB - Virtual size: 190KB

.reloc Size: 554KB - Virtual size: 554KB

.text
Size: 14.2MB - Virtual size: 14.2MB

.rdata
Size: 5.5MB - Virtual size: 5.5MB

.data
Size: 228KB - Virtual size: 371KB

.qtmetad
Size: 512B - Virtual size: 239B

.tls
Size: 512B - Virtual size: 13B

.gfids
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 512B - Virtual size: 304B

.rsrc
Size: 190KB - Virtual size: 190KB

.reloc
Size: 554KB - Virtual size: 554KB