Static task: static1
Behavioral task: behavioral1
  Sample: 9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864.exe
  Resource: win10v2004-20230703-en
General
Target: 9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864
Size: 2.7MB
MD5: 9079e6b57ccfe6f51f83302fd03053b9
SHA1: 1942d5128ef61d1fc8a44ff62507f3a457bbf650
SHA256: 9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864
SHA512: db3d200c9c33b02c42884dd9fc62945e0d0d46c8b57bb0dcd05c14e07465205ddbc913c6c3520fc356d995aadd84ae76224f7bd70bbe606c78e2e6a24892a298
SSDEEP: 49152:bd7TeVyDracMbK6THeQ1zzqBzc5iOOIimmmmmmmmmmmm8fv/w9WgHgzXBIhtJ1r1:2UacMBTHCzc5iOOIimmmmmmmmmmmm8fE
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864
Files
9d1c33e964b834c83f098a16706c9dc096276753217257bebbe0b6bedbd0f864.exe windows x86 0316781bb343ca7d8010e23ebccd14bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
stdfu
STDFU_Open
STDFU_SelectCurrentConfiguration
STDFU_Getstatus
STDFU_Clrstatus
STDFU_Dnload
STDFU_Close
stdfufiles
STDFUFILES_SetImageName
STDFUFILES_DestroyImage
STDFUFILES_GetImageName
STDFUFILES_GetImageAlternate
STDFUFILES_DuplicateImage
STDFUFILES_GetImageSize
STDFUFILES_CreateImageFromMapping
STDFUFILES_CloseDFUFile
STDFUFILES_FilterImageForOperation
STDFUFILES_OpenExistingDFUFile
STDFUFILES_ReadImageFromDFUFile
stdfuprt
STDFUPRT_CreateMappingFromDevice
STDFUPRT_StopOperation
STDFUPRT_LaunchOperation
STDFUPRT_GetOperationStatus
kernel32
GetOEMCP
GetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
LocalUnlock
LocalLock
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetDiskFreeSpaceA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsFree
GetTimeFormatA
GetDateFormatA
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitProcess
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
GetCPInfo
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
InterlockedDecrement
GetModuleFileNameW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
lstrcmpW
GetVersionExA
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
InterlockedExchange
GetVersion
GetCommState
SetCommState
PurgeComm
CreateEventA
GetLastError
WaitForSingleObject
CancelIo
GetOverlappedResult
GetModuleFileNameA
lstrcatA
Sleep
GetTickCount
lstrcpyA
WriteFile
CreateFileA
GetFileSize
ReadFile
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleHandleW
GlobalFlags
GetSystemTimeAsFileTime
InterlockedCompareExchange
user32
UnregisterClassA
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DestroyIcon
WaitMessage
DeleteMenu
GetTabbedTextExtentA
MessageBeep
IsClipboardFormatAvailable
GetDialogBaseUnits
DestroyMenu
GetMenuItemInfoA
GetSysColorBrush
WindowFromPoint
CharUpperA
MsgWaitForMultipleObjects
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
ScrollWindowEx
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassNameA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
TranslateAcceleratorA
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
ShowScrollBar
IsWindowVisible
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
IntersectRect
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
GetDCEx
TabbedTextOutA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetScrollRange
SetScrollPos
GetScrollPos
SetRectEmpty
GetClassInfoA
DefWindowProcA
RegisterClassA
IsRectEmpty
FillRect
GetMessagePos
ReleaseCapture
SystemParametersInfoA
SetCapture
GetCapture
PtInRect
GetSysColor
IsWindow
RedrawWindow
DrawFocusRect
DrawFrameControl
SetRect
CopyRect
PostThreadMessageA
UnionRect
SetParent
GetSystemMenu
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
LoadAcceleratorsA
UnhookWindowsHookEx
InsertMenuItemA
InflateRect
OffsetRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
InvalidateRect
EnableWindow
SendMessageA
DrawEdge
CheckMenuItem
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetDlgItem
GetCursorPos
SetCursor
GetParent
LoadCursorA
GetPropA
SetForegroundWindow
ShowWindow
EnumWindows
RegisterDeviceNotificationA
DrawIcon
GetSystemMetrics
SetPropA
PeekMessageA
PostQuitMessage
TranslateMessage
DispatchMessageA
LoadIconA
KillTimer
SetTimer
UpdateWindow
IsIconic
GetClassLongA
gdi32
SelectObject
StartDocA
StartPage
EndPage
AbortDoc
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
DeleteDC
GetDCOrgEx
CreateRectRgnIndirect
ArcTo
CombineRgn
GetMapMode
PatBlt
DPtoLP
SetAbortProc
GetCharWidthA
GetBkColor
GetTextColor
GetRgnBox
StretchDIBits
SetWindowExtEx
OffsetWindowOrgEx
PlayMetaFile
DeleteObject
GetCurrentPositionEx
ExtTextOutA
RealizePalette
GetDeviceCaps
CreatePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
BitBlt
Rectangle
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
GetTextMetricsA
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
SetRectRgn
CreateSolidBrush
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
CreateHatchBrush
Polygon
Ellipse
PolyBezier
Polyline
ExtCreatePen
CreateDIBSection
GetStockObject
EndDoc
ScaleWindowExtEx
msimg32
GradientFill
comdlg32
GetFileTitleA
winspool.drv
GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
shell32
ShellExecuteA
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionA
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionW
oledlg
ord8
ole32
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
StringFromGUID2
OleSetClipboard
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
ReleaseStgMedium
CoRevokeClassObject
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateBindCtx
oleaut32
VariantCopy
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayUnlock
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
gdiplus
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
hid
HidD_GetHidGuid
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
Sections
.text   Size: 878KB - Virtual size: 877KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 219KB - Virtual size: 219KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 17KB - Virtual size: 32KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.6MB - Virtual size: 1.6MB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ