AgingTest2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

AgingTest2.exe
Size

5.7MB
MD5

bfbe0977f58ddd46be8ddc6662f6f46a
SHA1

db9955706c9134740d8c6f6f48bb975c0f8d746e
SHA256

6ca53a361185ccb4ffdda5bfe2b1fff5b2cbbe50c96ef36b3bc8c2488eebad2a
SHA512

c040bfcc92ef355a0aba7bbb56437c6d25edf8ce8a4a9b561dbe5ad01a492825fad4f189675cf4c429253c7309a1e99e40d87622054f153437e2d23c7df0fe82
SSDEEP

98304:8xNdJrKdHiFDsOoiguptOdgI7+lBcOwVp:ubJAHiLUTCXcO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AgingTest2.exe

Files

AgingTest2.exe
.exe windows x86

d1336226e05a23f1f63ac672cb9e9b44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
HeapCreate
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetTickCount
MulDiv
GetVersionExA
GetModuleHandleW
GetSystemTime
IsBadReadPtr
GetModuleHandleA
LoadLibraryA
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
SetLastError
GetCurrentThreadId
GetLocalTime
HeapFree
HeapAlloc
GlobalLock
ResumeThread
SuspendThread
GetExitCodeThread
ReleaseMutex
GetVersionExW
SetEnvironmentVariableW
GetCurrentProcess
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSizeEx
InterlockedCompareExchange
CreateMutexW
GetEnvironmentVariableW
MultiByteToWideChar
EncodePointer
DecodePointer
InterlockedExchange
GetStringTypeW
LocalFree
lstrlenW
GlobalAlloc
CreateDirectoryW
SetCurrentDirectoryW
GetModuleFileNameW
ReadFile
WriteFile
SetEndOfFile
SetFilePointer
CloseHandle
GetFileAttributesExW
FindNextFileW
SetEnvironmentVariableA
GetFullPathNameA
OutputDebugStringW
SetConsoleCtrlHandler
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetCurrentThread
GetOEMCP
GetACP
IsValidCodePage
HeapSize
AreFileApisANSI
ExitProcess
GetProcessHeap
GetTimeZoneInformation
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
FatalAppExitA
InitializeCriticalSectionAndSpinCount
RaiseException
RtlUnwind
HeapReAlloc
GetCommandLineW
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
ExitThread
CreateThread
FileTimeToSystemTime
GetDriveTypeW
FindFirstFileExW
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetSystemDefaultLCID
CreateEventW
ResetEvent
SetEvent
FormatMessageW
CreateFileA
CreateMutexA
WaitCommEvent
SetCommMask
RemoveDirectoryW
FindClose
MoveFileW
GetLastError
CreateFileW
FindFirstFileW
GetFullPathNameW
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteFileW
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateDirectoryA
GetPrivateProfileIntW
WritePrivateProfileStringW
Sleep
GetPrivateProfileIntA
GetPrivateProfileStringW
FlushFileBuffers
SetCommTimeouts
SetCommState
OutputDebugStringA
WideCharToMultiByte
InterlockedIncrement
WaitForSingleObject
EscapeCommFunction
GetCommState
ClearCommError
GlobalUnlock
GetCommModemStatus
InterlockedDecrement

user32

GetWindowRect
SetWindowPos
MonitorFromPoint
PostMessageW
GetWindowInfo
MessageBoxA
GetSystemMetrics
ReleaseDC
GetDC
MonitorFromRect
DestroyWindow
wsprintfW
CopyRect
SetCursor
SystemParametersInfoW
IntersectRect
IsRectEmpty
GetCursorPos
ScreenToClient
PtInRect
GetMonitorInfoW
GetForegroundWindow
IsWindow
LoadBitmapW
LoadCursorW
CreateIconFromResource
LoadImageW
DestroyCursor
LoadIconW
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsWindowVisible
IsIconic
IsZoomed
SetFocus
GetCapture
SetCapture
ReleaseCapture
SetTimer
DrawIconEx
KillTimer
UpdateWindow
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetClientRect
InflateRect
UnionRect
GetWindowLongW
SendMessageW
GetActiveWindow
MessageBoxW
ShowWindow
SetWindowLongW
GetParent
GetClassNameW
MapVirtualKeyA
CharLowerBuffW
UpdateLayeredWindow
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DeleteMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsMenu
SetCaretPos
HideCaret
CreateCaret
SystemParametersInfoA
DrawTextW
GetWindowPlacement
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetIconInfo
CharNextW
PostThreadMessageW
GetMessageW
SetRect
GetSysColor
EnableMenuItem
OffsetRect
ClientToScreen
SetForegroundWindow
CallMsgFilterW
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetKeyState
GetFocus
EqualRect
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
EnableWindow
GetWindow
MapWindowPoints
GetDlgItem
CreateWindowExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
MonitorFromWindow
DestroyIcon

gdi32

GetCurrentObject
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
GetDCOrgEx
GetObjectW
SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
EnumFontsW
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateBitmap
SetGraphicsMode
BitBlt
GetDeviceCaps
ExtCreateRegion
IntersectClipRect
SelectClipRgn
SetWorldTransform
CreateDIBSection
GetTextFaceW
GetViewportOrgEx
ExtTextOutW
GetTextMetricsW
SetTextAlign
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
GdiFlush

winspool.drv

ord203
ord204

comdlg32

GetOpenFileNameW
GetSaveFileNameW
PrintDlgW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW

ole32

CoCreateGuid
OleInitialize
CoInitialize
OleUninitialize
CreateBindCtx
CoTaskMemFree
CoInitializeEx
CoUninitialize
IIDFromString
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning

oleaut32

GetErrorInfo
VariantInit
VariantClear
VariantChangeType
SetErrorInfo
CreateErrorInfo
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen

sqlite3

sqlite3_exec
sqlite3_errmsg
sqlite3_open
sqlite3_free
sqlite3_get_table
sqlite3_close

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW
StrToIntExW
PathFileExistsA

winmm

timeSetEvent
timeKillEvent
timeGetTime
PlaySoundW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

log4z

Log4zFormat
Log4zBegin
Log4zEnd

imm32

ImmGetContext
ImmReleaseContext
ImmDestroyContext
ImmCreateContext
ImmAssociateContext

gdiplus

GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGraphicsClear
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc

advapi32

RegCloseKey
RegQueryValueExA

usp10

ScriptFreeCache
ScriptShape
ScriptItemize

opengl32

wglGetProcAddress
wglGetCurrentContext

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1336226e05a23f1f63ac672cb9e9b44

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

ole32

oleaut32

sqlite3

version

shlwapi

winmm

setupapi

log4z

imm32

gdiplus

advapi32

usp10

opengl32

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 79KB - Virtual size: 180KB

.tls Size: 512B - Virtual size: 33B

.rsrc Size: 280KB - Virtual size: 279KB

.reloc Size: 516KB - Virtual size: 515KB

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 79KB - Virtual size: 180KB

.tls
Size: 512B - Virtual size: 33B

.rsrc
Size: 280KB - Virtual size: 279KB

.reloc
Size: 516KB - Virtual size: 515KB