Static task: static1
Behavioral task: behavioral1
  Sample: d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803.exe
  Resource: win10v2004-20230915-en
General
Target: d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803
Size: 1.7MB
MD5: e8b347ff6564136087a536b84b449d5e
SHA1: 2914a116ae1bbfffdb7482dd0578536f3e910f87
SHA256: d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803
SHA512: 728c84a2f9c8867bd8cc4e93682e47dcab51ff6e0fb292c69d2d7b38e0e2ca3641c542ee3b2fd81dd877538c2a409712df10a6f59a886cce0835f1dc8c3bebf3
SSDEEP: 24576:KEVyZQnsdz+fI/+MfC0BeEv9jU5lmH2d2idVnUPVYBK3LDHpgHHuDGuD16nkWl+t:HsZtt+K+fa9jYpJH2GUsi
Malware Config
Signatures
Unsigned PE (1 IoC): the rule checks for a missing Authenticode signature, i.e. the PE has no security data directory entry; matched on resource d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803
Files
d8666f70d39e47fc638cb62120a06f2bc944659b176914c868d96ac8bd7bc803.exe (windows x86), imphash c0fc7fc7ebb2b7a0108865073e01fcdc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no relocation table, so the image cannot be rebased and ASLR does not apply to it)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (grouped by module; jntcp and thosttraderapi_se are third-party DLLs, not Windows system libraries, and must be resolvable at load time)
jntcp
JNDllInit
JNCloseAll
?JNSendAliveSign@@YAXXZ
JNSendData
JNDisconnect
JNConnect
JNSetCommOptions
??1CUdpTestSpeed@@UAE@XZ
??0CUdpTestSpeed@@QAE@PAPAUST_TestSpeedResult@@HPAVCWnd@@@Z
thosttraderapi_se
?CreateFtdcTraderApi@CThostFtdcTraderApi@@SAPAV1@PBD@Z
kernel32
HeapAlloc
GetACP
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
RaiseException
VirtualFree
VirtualAlloc
IsBadWritePtr
GetDriveTypeA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
CreateDirectoryA
SetEnvironmentVariableA
HeapFree
RtlUnwind
FindNextFileA
FindResourceExA
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GlobalSize
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetProcessVersion
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GlobalAlloc
GetCurrentThread
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
ReleaseMutex
CreateMutexA
GetModuleFileNameA
WaitForSingleObject
lstrcmpA
GetLastError
GetProfileIntA
lstrcpynA
FormatMessageA
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
SetLastError
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
lstrlenW
Beep
CopyFileA
Sleep
CreateThread
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
SetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetVersionExA
InterlockedExchange
HeapCreate
user32
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
GetAsyncKeyState
GetSystemMenu
GetSysColorBrush
GetClassNameA
GetTabbedTextExtentA
CopyAcceleratorTableA
GetDCEx
LockWindowUpdate
MessageBeep
DestroyIcon
GetNextDlgGroupItem
PostThreadMessageA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
DestroyMenu
GetMessageA
UnregisterClassA
ValidateRect
FindWindowA
LoadStringA
IsClipboardFormatAvailable
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetFocus
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
MessageBoxA
IsChild
WinHelpA
wsprintfA
RegisterClassA
TrackPopupMenu
GetWindowTextLengthA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
IsIconic
GetWindowPlacement
GetNextDlgTabItem
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
DrawStateA
FrameRect
IsZoomed
DestroyCursor
GetWindowLongA
SetWindowLongA
RedrawWindow
CheckMenuItem
DlgDirListA
LoadImageA
PeekMessageA
SetParent
ModifyMenuA
RegisterWindowMessageA
UpdateWindow
EnableMenuItem
GetMenuItemCount
GetMenuItemID
DeleteMenu
GetTopWindow
GetWindowTextA
ShowWindow
SetForegroundWindow
SetTimer
SetMenu
LoadBitmapA
SetRectEmpty
DrawIcon
EqualRect
GetCursorPos
SetWindowPos
GetWindow
RemoveMenu
GetMenu
DrawMenuBar
GetMenuStringA
SetCursorPos
GetActiveWindow
CopyRect
IsRectEmpty
CreatePopupMenu
InsertMenuA
AppendMenuA
IsWindowVisible
OffsetRect
LoadMenuA
GetSubMenu
ClientToScreen
DrawFocusRect
LoadIconA
MapVirtualKeyA
keybd_event
GetCapture
ReleaseCapture
SetCapture
ClipCursor
PtInRect
InvertRect
GetFocus
GrayStringA
TabbedTextOutA
GetMessagePos
ScreenToClient
PostQuitMessage
WindowFromPoint
CharNextA
CharUpperA
GetClassLongA
GetSystemMetrics
GetClientRect
PostMessageA
KillTimer
GetKeyState
IntersectRect
IsWindow
GetWindowRect
GetParent
GetClassInfoA
DefWindowProcA
SystemParametersInfoA
GetDC
SetRect
ReleaseDC
LoadCursorA
SetCursor
InvalidateRect
GetSysColor
FillRect
InflateRect
DrawEdge
DrawFrameControl
DrawTextA
EnableWindow
SendMessageA
EndDialog
TranslateMessage
gdi32
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateDCA
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
SetRectRgn
CombineRgn
CreateRectRgnIndirect
GetViewportOrgEx
GetTextColor
StretchDIBits
GetCharWidthA
CreateFontA
CopyMetaFileA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
EnumFontFamiliesExA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
SetBkColor
SetBkMode
SetTextColor
CreatePenIndirect
PatBlt
Polygon
Ellipse
SetPixel
GetStockObject
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetClipBox
GetObjectA
CreateFontIndirectA
RectVisible
PtVisible
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetBkColor
BitBlt
GetCurrentObject
AngleArc
GetMapMode
GetTextExtentPoint32A
Rectangle
SelectObject
DPtoLP
CreateSolidBrush
UnrealizeObject
LPtoDP
SetBrushOrgEx
GetDeviceCaps
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
DeleteObject
comdlg32
GetFileTitleA
CommDlgExtendedError
PrintDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
ExtractIconA
comctl32
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
oledlg
ord8
ole32
StgCreateDocfileOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
DoDragDrop
ReleaseStgMedium
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CLSIDFromProgID
CLSIDFromString
CoRevokeClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
OleInitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemAlloc
OleDuplicateData
olepro32
ord253
oleaut32
VariantChangeType
SysAllocStringByteLen
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
SafeArrayCreate
SafeArrayPutElement
VariantClear
wsock32
sendto
connect
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
closesocket
htonl
htons
bind
WSAGetLastError
accept
getsockname
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
ntohs
gethostbyname
inet_addr
wininet
InternetReadFile
InternetCanonicalizeUrlA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetCrackUrlA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
Sections (no section is mapped both writable and executable)
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 192KB - Virtual size: 189KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 110KB (virtual size exceeds raw size: the tail is uninitialised data that the loader zero-fills)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 164KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
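The three header-level observations in this report (the Unsigned PE signature, the IMAGE_FILE_* characteristics, and the section flags and sizes) can all be reproduced from the raw PE header without a sandbox. The following is an added example, not part of the original report or of any sandbox's own code: a dependency-free parser that reads the COFF header, the optional header's DllCharacteristics and security data directory, and the section table, then derives the checks an analyst wants (Authenticode present, ASLR actually possible, NX flag, any W+X section, sections the loader zero-fills). The input is a constructed header-only PE32 whose flags and section layout mirror this report, with sizes rounded; it is an assumption built for the example and is not the sample itself.

```python
import struct

# Constants from the PE/COFF specification (only the ones these checks use)
FILE_FLAG_NAMES = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000020, 0x00000040
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode (WIN_CERTIFICATE) data directory


def parse_pe(data: bytes) -> dict:
    """Read the DOS pointer, COFF header, optional header fields and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32
        ndirs_off = opt + 92
    elif magic == 0x20B:    # PE32+
        ndirs_off = opt + 108
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Security entry holds a raw file offset, not an RVA; size 0 means no signature at all
        _, sec_size = struct.unpack_from("<II", data, ndirs_off + 4 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _va, rawsize, _rawptr, _, _, _, _, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": rawsize, "characteristics": schars})
    return {"machine": machine, "characteristics": chars, "dll_characteristics": dllchars,
            "security_dir_size": sec_size, "sections": sections}


def file_flag_names(chars: int) -> list:
    """Render COFF Characteristics the way the report lists them."""
    return [n for bit, n in sorted(FILE_FLAG_NAMES.items()) if chars & bit]


def assess(info: dict) -> dict:
    """Header-only checks: signature, mitigations and section hygiene."""
    chars, dll, secs = info["characteristics"], info["dll_characteristics"], info["sections"]
    return {
        "authenticode_signed": info["security_dir_size"] > 0,
        # DYNAMIC_BASE is meaningless without relocations: a RELOCS_STRIPPED image loads at its fixed base
        "aslr": bool(dll & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) and not (chars & IMAGE_FILE_RELOCS_STRIPPED),
        "nx": bool(dll & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "wx_sections": [s["name"] for s in secs
                        if s["characteristics"] & IMAGE_SCN_MEM_WRITE and s["characteristics"] & IMAGE_SCN_MEM_EXECUTE],
        # virtual size > raw size: the loader zero-fills the tail (uninitialised data); normal for .data
        "zero_filled_sections": [s["name"] for s in secs if s["virtual_size"] > s["raw_size"]],
    }


def build_sample_pe() -> bytes:
    """Constructed header-only PE32 mirroring this report's header (sizes rounded); not the real sample."""
    secs = [(b".text", 1300 * 1024, 1300 * 1024, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
            (b".rdata", 189 * 1024, 192 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
            (b".data", 110 * 1024, 60 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
            (b".rsrc", 161 * 1024, 164 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x010F)  # i386; flags as in the report
    opt = bytearray(224)                                                     # PE32 optional header, 16 dirs
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0)      # DllCharacteristics: neither DYNAMIC_BASE nor NX_COMPAT
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes; all entries zero => no security directory
    pe = dos + b"PE\0\0" + coff + bytes(opt)
    va, raw = 0x1000, 0x400
    for name, vsize, rawsize, schars in secs:
        pe += struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, raw, 0, 0, 0, 0, schars)
        va += (vsize + 0xFFF) & ~0xFFF
        raw += rawsize
    return pe


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(file_flag_names(info["characteristics"]))
    print(assess(info))
```

Point `parse_pe` at `open(path, "rb").read()` to run it against a real file. Note that an empty security directory only proves the file carries no embedded signature; a binary can still be catalog-signed, so treat "unsigned" as a prompt to check catalogs (WinVerifyTrust or Get-AuthenticodeSignature) rather than as a verdict, and treat `aslr == False` on an image with RELOCS_STRIPPED as the load-time reality regardless of what DllCharacteristics claims.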