Static task: static1
Behavioral task: behavioral1
  Sample: 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3.exe
  Resource: win10v2004-20230703-en
General
- Target: 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3
- Size: 1.7MB
- MD5: ecf85adfdb97e4d45692cec2a82b53ec
- SHA1: 3cadfa2248d03c3737d8c6e49aabf802c9c33e7f
- SHA256: 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3
- SHA512: 56777b413dde9a7b007e46ee01c3d4e67ba915f44429346daf04d4558b707760b3d50540ca6830bd0c63b65e2f0cf024fca43f3e6796b4319fcddd686beac0d0
- SSDEEP: 24576:HSgrEnJDKqCsUZZzMKn6XRB9rYO/FcIDDN0yRVWpHMI5m8dz/p0/5nLsT3h3WDCz:yjn5UXn6XR7mg2ziMP
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3
Files
- 9b3922d3490e946587c1a3ecee2fb15304c9a12b0c7dd1c4a15e0104ad6216f3.exe (windows x86) de810504276efadc24e05ca5f835365f
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
  jntcp: JNSetCommOptions, JNConnect, JNDisconnect, ??0CUdpTestSpeed@@QAE@PAPAUST_TestSpeedResult@@HPAVCWnd@@@Z, ?JNSendAliveSign@@YAXXZ, JNCloseAll, JNDllInit, ??1CUdpTestSpeed@@UAE@XZ, JNSendData
  thosttraderapi_sm: ?CreateFtdcTraderApi@CThostFtdcTraderApi@@SAPAV1@PBD@Z
  smk_certsdk: SMCertSDK_CertRevoke, SMCertSDK_CertQuery, SMCertSDK_CertEnroll, SMCertSDK_New, SMCertSDK_Free, SMCertSDK_Clean, SMCertSDK_Init
  kernel32: GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetStartupInfoA, GetCommandLineA, ExitProcess, TerminateProcess, RaiseException, HeapAlloc, GetACP, HeapReAlloc, HeapSize, SetStdHandle, CreateDirectoryA, LCMapStringA, LCMapStringW, SetHandleCount, GetStdHandle, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, GetDriveTypeA, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, IsValidLocale, IsValidCodePage, GetLocaleInfoA, EnumSystemLocalesA, GetUserDefaultLCID, GetLocaleInfoW, CompareStringA, CompareStringW, SetEnvironmentVariableA, HeapFree, RtlUnwind, FindNextFileA, FindResourceExA, SetErrorMode, SystemTimeToFileTime, LocalFileTimeToFileTime, GetFileSize, GlobalSize, GetOEMCP, GetCPInfo, TlsGetValue, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, GlobalFlags, GetProcessVersion, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, LocalAlloc, EnterCriticalSection, GlobalAlloc, GetCurrentThread, GetDiskFreeSpaceA, GetFileTime, SetFileTime, GetTempFileNameA, GetFileAttributesA, GetShortPathNameA, GetThreadLocale, GetStringTypeExA, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, DeleteFileA, MoveFileA, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, ReleaseMutex, CreateMutexA, GetModuleFileNameA, WaitForSingleObject, lstrcmpA, GetLastError, GetProfileIntA, lstrcpynA, FormatMessageA, LocalFree, FileTimeToLocalFileTime, FileTimeToSystemTime, MulDiv, SetLastError, WideCharToMultiByte, InterlockedDecrement, InterlockedIncrement, GetVersion, lstrcatA, GlobalGetAtomNameA, lstrcmpiA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, lstrcpyA, GetModuleHandleA, GlobalLock, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, GetCurrentThreadId, MultiByteToWideChar, lstrlenA, lstrlenW, Beep, CopyFileA, Sleep, CreateThread, UnmapViewOfFile, CloseHandle, CreateFileMappingA, MapViewOfFile, GetCurrentDirectoryA, LoadLibraryA, GetProcAddress, FreeLibrary, SetCurrentDirectoryA, WritePrivateProfileStringA, GetPrivateProfileStringA, GetPrivateProfileIntA, GetTickCount, GetVersionExA, InterlockedExchange, GetFileType
  user32: BringWindowToTop, CharUpperA, CharNextA, WindowFromPoint, PostQuitMessage, ShowOwnedPopups, SetWindowContextHelpId, MapDialogRect, RegisterClipboardFormatA, GetAsyncKeyState, GetSystemMenu, GetSysColorBrush, GetClassNameA, GetTabbedTextExtentA, CopyAcceleratorTableA, GetDCEx, LockWindowUpdate, MessageBeep, DestroyIcon, GetNextDlgGroupItem, PostThreadMessageA, TranslateMessage, ValidateRect, FindWindowA, LoadStringA, UnregisterClassA, EndPaint, BeginPaint, GetWindowDC, wvsprintfA, GetMenuCheckMarkDimensions, GetMenuState, SetMenuItemBitmaps, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, SetDlgItemTextA, GetDlgItemTextA, GetDlgItemInt, CheckRadioButton, SendDlgItemMessageA, MapWindowPoints, DispatchMessageA, SetFocus, AdjustWindowRectEx, DeferWindowPos, BeginDeferWindowPos, EndDeferWindowPos, ScrollWindow, GetScrollInfo, SetScrollInfo, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, MessageBoxA, IsChild, WinHelpA, wsprintfA, RegisterClassA, TrackPopupMenu, GetWindowTextLengthA, GetDlgCtrlID, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, UnpackDDElParam, RemovePropA, GetMessageTime, GetLastActivePopup, GetForegroundWindow, IsIconic, GetWindowPlacement, GetNextDlgTabItem, EndDialog, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, IsWindowEnabled, DrawStateA, FrameRect, DestroyCursor, GetWindowLongA, SetWindowLongA, RedrawWindow, CheckMenuItem, DlgDirListA, LoadImageA, PeekMessageA, SetParent, ModifyMenuA, RegisterWindowMessageA, UpdateWindow, EnableMenuItem, GetMenuItemCount, GetMenuItemID, DeleteMenu, GetTopWindow, GetWindowTextA, ShowWindow, SetForegroundWindow, SetTimer, SetMenu, LoadBitmapA, SetRectEmpty, DrawIcon, EqualRect, GetCursorPos, SetWindowPos, GetWindow, RemoveMenu, GetMenu, DrawMenuBar, GetMenuStringA, SetCursorPos, GetActiveWindow, CopyRect, IsRectEmpty, CreatePopupMenu, InsertMenuA, AppendMenuA, IsWindowVisible, OffsetRect, LoadMenuA, GetSubMenu, ClientToScreen, DrawFocusRect, LoadIconA, MapVirtualKeyA, keybd_event, GetCapture, ReleaseCapture, SetCapture, ClipCursor, PtInRect, InvertRect, GetFocus, GrayStringA, TabbedTextOutA, GetMessagePos, ScreenToClient, GetSystemMetrics, GetClientRect, PostMessageA, KillTimer, GetKeyState, IntersectRect, IsWindow, GetWindowRect, ReuseDDElParam, GetDesktopWindow, TranslateAcceleratorA, LoadAcceleratorsA, DestroyMenu, CallWindowProcA, GetMessageA, GetParent, GetClassInfoA, DefWindowProcA, SystemParametersInfoA, GetDC, SetRect, ReleaseDC, LoadCursorA, SetCursor, InvalidateRect, GetSysColor, FillRect, InflateRect, DrawEdge, DrawFrameControl, DrawTextA, EnableWindow, SendMessageA, IsZoomed, IsClipboardFormatAvailable
  gdi32: SetStretchBltMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, SelectClipRgn, ExcludeClipRect, IntersectClipRect, MoveToEx, LineTo, SetTextAlign, GetCurrentPositionEx, CreateDCA, CreateRectRgn, GetViewportExtEx, GetWindowExtEx, SetROP2, CreatePatternBrush, GetMapMode, SetRectRgn, CombineRgn, CreateRectRgnIndirect, GetViewportOrgEx, GetTextColor, StretchDIBits, GetCharWidthA, CreateFontA, CopyMetaFileA, GetNearestColor, GetStretchBltMode, GetPolyFillMode, GetTextAlign, GetBkMode, GetROP2, GetTextFaceA, GetWindowOrgEx, EnumFontFamiliesExA, SetAbortProc, StartDocA, StartPage, EndPage, EndDoc, AbortDoc, SetBkColor, SetBkMode, SetTextColor, CreatePenIndirect, PatBlt, Polygon, Ellipse, SetPixel, GetStockObject, SetPolyFillMode, RestoreDC, SaveDC, DeleteDC, CreateBitmap, GetClipBox, UnrealizeObject, LPtoDP, SetBrushOrgEx, GetDeviceCaps, GetTextMetricsA, Escape, ExtTextOutA, TextOutA, GetObjectA, CreateFontIndirectA, RectVisible, PtVisible, CreatePen, CreateCompatibleDC, CreateCompatibleBitmap, GetBkColor, BitBlt, GetCurrentObject, AngleArc, GetTextExtentPoint32A, Rectangle, SelectObject, DPtoLP, CreateSolidBrush, DeleteObject
  comdlg32: GetFileTitleA, GetSaveFileNameA, GetOpenFileNameA, ChooseColorA, PrintDlgA, CommDlgExtendedError, ChooseFontA
  winspool.drv: OpenPrinterA, DocumentPropertiesA, ClosePrinter
  advapi32: RegCreateKeyA, RegQueryValueExA, RegOpenKeyExA, RegSetValueExA, RegCreateKeyExA, RegOpenKeyA, SetFileSecurityA, GetFileSecurityA, RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegDeleteValueA, RegSetValueA, RegCloseKey
  shell32: SHGetFileInfoA, DragQueryFileA, DragFinish, ShellExecuteA, ExtractIconA
  comctl32: ImageList_AddMasked, ord17, ImageList_Destroy, ImageList_Create, PropertySheetA, DestroyPropertySheetPage, CreatePropertySheetPageA
  oledlg: ord8
  ole32: OleIsCurrentClipboard, RegisterDragDrop, CoLockObjectExternal, RevokeDragDrop, CLSIDFromProgID, CLSIDFromString, OleInitialize, OleUninitialize, CoFreeUnusedLibraries, DoDragDrop, ReleaseStgMedium, CoTaskMemFree, CoRevokeClassObject, CoRegisterMessageFilter, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, OleFlushClipboard, CreateStreamOnHGlobal, CoTaskMemAlloc, OleDuplicateData
  olepro32: ord253
  oleaut32: VariantClear, VariantCopy, VariantTimeToSystemTime, VariantChangeType, SysAllocStringLen, SysStringLen, SysFreeString, VariantInit, SysAllocString, SafeArrayCreate, SafeArrayPutElement, SysAllocStringByteLen
  wsock32: closesocket, ntohs, gethostbyname, inet_addr, WSAGetLastError, WSACleanup, WSAStartup, WSASetLastError, getsockname, accept, bind, htonl, connect, sendto, recvfrom, socket, inet_ntoa, WSAAsyncSelect, send, recv, htons, ioctlsocket
  wininet: InternetCanonicalizeUrlA, InternetQueryOptionA, InternetGetLastResponseInfoA, HttpQueryInfoA, InternetQueryDataAvailable, InternetReadFile, InternetWriteFile, InternetSetFilePointer, InternetSetStatusCallback, InternetOpenUrlA, InternetCloseHandle, InternetOpenA, InternetCrackUrlA
Sections
  .text  - Size: 1.3MB - Virtual size: 1.3MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata - Size: 192KB - Virtual size: 190KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data  - Size: 60KB - Virtual size: 111KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc  - Size: 164KB - Virtual size: 161KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ