Static task
static1
Behavioral task
behavioral1
Sample
7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f.exe
Resource
win10v2004-20230703-en
General
-
Target
7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f
-
Size
15.6MB
-
MD5
f986dfc8cf61eebd713aaaaff0a9467b
-
SHA1
be49a89a70abc0eb9330b0d5ade415540caa59c0
-
SHA256
7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f
-
SHA512
4d3a18c3cb4b95951701c53da0bdddb6f11a8ab1eebcaeaceda01965cea4aa0544b49057781c6a615b58edbb8ffb37664f5994f93b9bdd0fac5e43497605c0d4
-
SSDEEP
393216:g7gNTcvgl1OB9r9UsfyDgOfLPwlj3XHqsBWzPYF0Dhm:8gNUgPOB9rSsyDPfTy3XHqap
Malware Config (no extracted configuration is listed for this sample)
Signatures
-
Unsigned PE (1 IoC)
The file carries no Authenticode signature. This is the only signature the analysis recorded; it is an informational indicator, not evidence of malicious behaviour on its own, since many legitimate binaries ship unsigned. Weigh it together with the behavioural results and the imports below.
resource 7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f
Files
-
7e9e2468e5073c6c853e47f9e2ad6cd05ce466036d60df27223ec9702152573f.exe windows x86
89aa95060b8e1eacd596766f27cca9af (unlabelled 32-hex value; it is not the file MD5 given above, so it is presumably the import hash — confirm before using it as a pivot)
Headers
DLL Characteristics (DYNAMIC_BASE and NX_COMPAT are set, so the image is relocatable for ASLR and opts into DEP; no GUARD_CF flag is listed, so Control Flow Guard is not enabled)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
HeapQueryInformation
GetFileType
SetStdHandle
GetFullPathNameW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
FindFirstFileExW
IsValidLocale
RtlUnwind
GetDriveTypeW
UnmapViewOfFile
MapViewOfFile
ExpandEnvironmentStringsA
lstrlenA
QueryPerformanceFrequency
SetCurrentDirectoryA
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
GetStdHandle
FindNextFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
MoveFileExW
SetEnvironmentVariableW
CreateFileW
CreateFileMappingA
GetFileAttributesExW
GetTimeZoneInformation
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
WriteConsoleW
GetEnvironmentVariableA
VirtualFree
TerminateThread
GetFileInformationByHandle
GetSystemDefaultLangID
GetUserDefaultLangID
InterlockedExchange
CreateProcessA
OpenFileMappingA
GetHandleInformation
IsBadReadPtr
Beep
GetExitCodeProcess
GetSystemDirectoryA
GetLogicalDrives
GetModuleHandleExA
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameA
GetTempPathA
Sleep
GetProfileIntA
GetTickCount
SearchPathA
GetWindowsDirectoryA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetVolumeInformationA
lstrcmpiA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
SetErrorMode
GetThreadLocale
InitializeCriticalSectionAndSpinCount
LocalReAlloc
LocalAlloc
GlobalHandle
lstrcpyA
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
CreateFileA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GlobalGetAtomNameA
GlobalFindAtomA
FindResourceA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetVersionExA
GetCurrentThread
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetModuleHandleA
GetPrivateProfileStringA
CopyFileA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetPrivateProfileIntA
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
FreeLibrary
PeekNamedPipe
user32
GetWindowTextLengthA
GetWindowRect
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
SetWindowLongA
GetClassLongA
GetClassNameA
GetTopWindow
GetWindow
LoadIconA
SetScrollInfo
LoadBitmapA
GetCursor
ShowCursor
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
GetSystemMenu
AppendMenuA
DrawIcon
GetClientRect
LoadIconW
UnregisterClassA
UnhookWindowsHookEx
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetScrollInfo
InsertMenuA
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
CreateCursor
ScreenToClient
GetSysColor
FillRect
DestroyMenu
GetMenuItemInfoA
CopyRect
InflateRect
SystemParametersInfoA
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
GetWindowTextA
GetMenuItemCount
CreateWindowExA
IsWindow
IsMenu
IsChild
GetWindowRgn
SubtractRect
DestroyWindow
WinHelpA
SetWindowPos
GetWindowPlacement
SetWindowPlacement
DrawEdge
DrawFrameControl
DrawFocusRect
SetClassLongA
SetParent
CharUpperBuffA
LockWindowUpdate
ModifyMenuA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
CopyIcon
FrameRect
PostThreadMessageA
GetKeyNameTextA
GetNextDlgGroupItem
GetIconInfo
HideCaret
InvertRect
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsCharLowerA
MapVirtualKeyExA
GetComboBoxInfo
GetUpdateRect
WindowFromDC
RegisterClassExA
DialogBoxIndirectParamA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
GetCapture
wvsprintfA
wsprintfA
RegisterClipboardFormatA
SetRect
DrawIconEx
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetDesktopWindow
DrawStateA
InvalidateRect
GetSysColorBrush
LoadCursorA
RealChildWindowFromPoint
CopyImage
DeleteMenu
SetTimer
KillTimer
DestroyIcon
CharUpperA
WaitMessage
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
CreateMenu
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetCapture
ReleaseCapture
WindowFromPoint
GetMenu
LoadCursorW
IntersectRect
SetRectEmpty
OffsetRect
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TrackMouseEvent
IsZoomed
LoadMenuW
SetWindowRgn
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
LoadImageW
OpenClipboard
CloseClipboard
SetClipboardData
ClientToScreen
EmptyClipboard
gdi32
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
StartDocA
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RectVisible
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
ExtSelectClipRgn
GetRgnBox
OffsetRgn
CreateEllipticRgn
Ellipse
GetBkColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreateFontA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
EndDoc
StartPage
EndPage
SetAbortProc
SetPixelV
GetTextFaceA
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
DeleteDC
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateBitmap
BitBlt
CreateCompatibleDC
SelectClipRgn
SaveDC
GetTextColor
RestoreDC
CreateHatchBrush
CreatePen
Arc
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
GetCharABCWidthsFloatA
SetDIBits
DeleteObject
Escape
ExcludeClipRect
ChoosePixelFormat
SetPixelFormat
SwapBuffers
GetClipBox
GetObjectType
GetDIBits
EnumFontFamiliesExA
GetPixel
msimg32
TransparentBlt
AlphaBlend
GradientFill
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHAppBarMessage
SHGetMalloc
SHBrowseForFolderA
ShellExecuteA
shlwapi
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathFileExistsA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
uxtheme
IsAppThemed
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeText
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CreateStreamOnHGlobal
DoDragDrop
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SysAllocString
gdiplus
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
dkdatafilemngr (not a Windows system library — likewise wxl_dll, cfgpointer and stdalgorf below; these are resolved by name at load time, and if they are not present alongside the sample the process will fail to start, which may account for the lack of behavioural signatures — verify against the task logs)
?GetInstance@interfaceRWTextFile_DrwMutiLayer@@SAAAV1@XZ
GetPdbName
GetPdbNameByJwsName
cfgpointer
m_pCfg
wxl_dll
deal_pkpm_style
C_GET_MTEXT
textopen
lineopen
deal_pkpm_layer
deal_pkpm_layer3d
deal_pkpm_ltype
getSpecialChar
WRITE_WMF_FILE
WRITE_EMF_FILE
DEFINE_BLOCK
_CTBAR@20
INSERT_BLK
_SETLAYERDIMPARA2@4
deal_pkpm_color
comctl32
PropertySheetA
CreateToolbarEx
ord5 (imported by ordinal #5, no exported name)
InitCommonControlsEx
comdlg32
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
ChooseFontA
opengl32
glInitNames
glIndexPointer
glHint
glGetIntegerv
glGetError
glGenTextures
glFlush
glEndList
glEnd
glEnableClientState
glEnable
glEdgeFlagPointer
glDrawPixels
glDrawElements
glDrawBuffer
glDrawArrays
glDisableClientState
glDisable
glDepthMask
glDepthFunc
glDeleteTextures
glDeleteLists
glCullFace
glColorPointer
glColorMaterial
glColorMask
glColor4f
glClearStencil
glClearDepth
glClearColor
glClear
glCallList
glBlendFunc
glBindTexture
glBegin
glAlphaFunc
wglMakeCurrent
wglDeleteContext
wglCreateContext
glLightfv
glLineWidth
glLoadIdentity
glLoadName
glMaterialfv
glMatrixMode
glNewList
glNormal3d
glNormalPointer
glOrtho
glPixelStorei
glPointSize
glPolygonMode
glPolygonOffset
glPopMatrix
glPopName
glPushMatrix
glPushName
glRasterPos3f
glReadBuffer
glReadPixels
glRenderMode
glRotatef
glScalef
glSelectBuffer
glShadeModel
glStencilFunc
glStencilOp
glTexCoord2f
glTexCoordPointer
glTexEnvf
glTexParameterf
glTranslatef
glVertex3f
glVertexPointer
glViewport
glLightModeli
glLightf
glLightModelfv
glu32
gluPickMatrix
gluLookAt
gluBuild2DMipmaps
gluPerspective
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
winmm
PlaySoundA
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
stdalgorf
_PINPOL_R4_DSTC@28
imagehlp
SymInitialize
StackWalk64
SymCleanup
Sections
.text Size: 11.0MB - Virtual size: 11.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 987KB - Virtual size: 52.3MB (raw size is far below virtual size: the difference is uninitialized data reserved at load time rather than content stored on disk, so by itself this is not an indicator of packing; the section is readable/writable but not executable)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 389KB - Virtual size: 389KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 651KB - Virtual size: 650KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ