??4CResourceManager@@QAEAAV0@ABV0@@Z
Static task
static1
Behavioral task
behavioral1
Sample
bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce.exe
Resource
win10v2004-20231023-en
General
-
Target
bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce
-
Size
344KB
-
MD5
774354802401bc93e93342fadf6a9ed2
-
SHA1
5e3803f7e0f576c6117a01b1075bd391b987de83
-
SHA256
bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce
-
SHA512
24f7a598adde2565dde35abc0b52e6f67e23b8d88581d1e3d7d7ed7a509663ef96a39a6764fd81ff0607d474e7cb6f1d1dd9b7e2947a246d7772d2abf8d52181
-
SSDEEP
6144:LxcN7wAPmB3JEvwExt6eESD8fsZ+bMlCvmCtpduNQS:LqmOmBevbt640sZ1lmLdKQS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce
Files
-
bc49a53fe0b8215f91c1a36535db6882e5297d3f9c17bdbd6127d2ae487e69ce.exe windows:6 windows x86
5428b5b721d9c0c44a471cf16a06b4e0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
commonclass
?Create@CDIBBmpAndDC@@QAEHPAVCDC@@HH@Z
?GetHeight@CDIBBmpAndDC@@QAEHXZ
??1CDIBBmpAndDC@@UAE@XZ
??0CDIBBmpAndDC@@QAE@XZ
?GetCapsValue@CD3D@@UAEPAXXZ
?Init@CD3D@@UAEJPAUHWND__@@HHIHIIHII@Z
??1CD3D@@UAE@XZ
??0CD3D@@QAE@XZ
commondata
?SetDpi@@YAXM@Z
?CommonData_Init@@YAXXZ
?CommonData_Release@@YAXXZ
?CommonData_Get@@YAPAUIDataManager@@XZ
??0CResourceManager@@QAE@XZ
??1CResourceManager@@QAE@XZ
?GetLEDcontrolResPath@CResourceManager@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?CreatDefauleFont@CFontManager@@QAEXAAVCFont@@@Z
?CreatTitleLanguageFont@CFontManager@@QAEXAAVCFont@@@Z
?GetDpi@@YAMXZ
mfc120u
ord7542
ord993
ord1468
ord7881
ord2163
ord13771
ord2265
ord2204
ord4621
ord4547
ord12094
ord6759
ord10131
ord5667
ord12799
ord12126
ord10314
ord8099
ord12122
ord12114
ord5821
ord3809
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord5324
ord4434
ord1445
ord971
ord1469
ord994
ord9116
ord4605
ord1065
ord362
ord13153
ord1110
ord6392
ord1421
ord13738
ord12134
ord12132
ord1711
ord1723
ord1731
ord1727
ord1736
ord4879
ord4920
ord4887
ord4899
ord4895
ord4891
ord4928
ord4916
ord4883
ord4932
ord4905
ord4867
ord4874
ord4909
ord4459
ord9574
ord4451
ord3013
ord6719
ord3202
ord462
ord1105
ord13404
ord1063
ord14449
ord7807
ord14455
ord6393
ord6032
ord9007
ord1508
ord1042
ord286
ord3103
ord4176
ord6123
ord13616
ord2719
ord12095
ord9090
ord9349
ord3224
ord9137
ord10883
ord6875
ord8846
ord14447
ord11811
ord3795
ord11964
ord9020
ord11601
ord11600
ord5557
ord10169
ord10165
ord10167
ord10168
ord10166
ord2718
ord8092
ord3260
ord3263
ord13612
ord6121
ord3122
ord3361
ord3362
ord4049
ord11271
ord12006
ord6774
ord11592
ord13563
ord5838
ord2640
ord11999
ord3898
ord3330
ord3329
ord10353
ord2708
ord13991
ord4843
ord4606
ord2347
ord2343
ord2341
ord266
ord265
ord1687
ord14367
ord3761
ord3654
ord3773
ord12941
ord2478
ord450
ord6389
ord3821
ord13795
ord6870
ord11780
ord13796
ord6779
ord6778
ord6781
ord6777
ord6652
ord12219
ord2336
ord14463
ord12276
ord14516
ord5020
ord14406
ord1987
ord1457
ord982
ord293
ord4838
ord6207
ord1521
ord4620
ord8638
ord6434
ord2214
ord14457
ord14459
ord8242
ord14237
ord2484
ord3889
ord6510
ord4184
ord8628
ord10919
ord4842
ord8655
ord8346
ord5019
ord2173
ord12633
ord12454
ord14168
ord8361
ord9089
ord8855
ord14076
ord11768
ord12878
ord2759
ord8343
ord8352
ord8268
ord12736
ord8206
ord5262
ord3223
ord12043
ord5157
ord5454
ord5664
ord9231
ord5430
ord5693
ord5160
ord5316
ord5137
ord7609
ord7610
ord7600
ord5314
ord8101
ord10136
ord9091
ord1506
ord12047
ord10896
ord2948
ord9258
ord8921
ord1386
ord887
ord3790
ord14094
ord1684
ord7704
ord2480
ord4839
ord12899
ord5327
ord8699
ord13997
ord285
ord5824
ord2967
ord4280
ord1518
ord7382
ord6469
ord3839
ord4772
ord2262
ord6462
ord290
ord2444
ord12412
ord12413
ord1108
ord458
ord7002
ord8594
ord280
ord999
ord10260
ord1698
ord296
ord2367
ord1520
ord14448
msvcr120
_libm_sse2_sqrt_precise
memcpy
__CxxFrameHandler3
_CxxThrowException
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
memset
realloc
malloc
memmove_s
round
_beginthreadex
roundf
wcscpy_s
_wcsdup
swscanf_s
_recalloc
free
calloc
wcstombs
mbstowcs
setlocale
memcpy_s
memmove
tolower
_purecall
_except1
kernel32
InitializeCriticalSectionEx
ResumeThread
GetUserDefaultUILanguage
GetModuleFileNameW
GetTickCount
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
CreateSemaphoreW
GetCommandLineW
GetLastError
WideCharToMultiByte
FreeLibrary
GetLocalTime
OutputDebugStringW
GetFileAttributesW
GetProcAddress
LoadLibraryW
GetModuleHandleW
Sleep
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessW
DeleteCriticalSection
DecodePointer
user32
GetWindowRgn
MoveWindow
DestroyWindow
DefWindowProcW
CreateWindowExW
RegisterClassExW
SetLayeredWindowAttributes
GetWindowLongW
SetWindowLongW
SetCursorPos
SetScrollPos
UpdateWindow
ShowScrollBar
InvalidateRect
EqualRect
ShowWindow
DrawTextW
GetDC
ReleaseCapture
SetCapture
RedrawWindow
DispatchMessageW
TranslateMessage
PeekMessageW
GetDesktopWindow
GetKeyState
ClientToScreen
ScreenToClient
SetWindowPos
PostMessageW
MonitorFromWindow
GetMonitorInfoW
ReleaseDC
GetWindowDC
EnumDisplayMonitors
PtInRect
InflateRect
CreatePopupMenu
GetCursorPos
DrawIcon
IsIconic
AppendMenuW
GetSystemMenu
GetSystemMetrics
LoadIconW
CopyRect
GetWindow
IsWindowVisible
GetWindowTextW
GetParent
GetWindowThreadProcessId
FindWindowW
SetForegroundWindow
IsWindow
GetClientRect
KillTimer
GetForegroundWindow
SetTimer
GetSysColor
EnableWindow
SetCursor
LoadCursorW
SendMessageW
GetWindowRect
gdi32
CreateSolidBrush
DeleteObject
GetObjectW
CreateDIBSection
StretchBlt
PtInRegion
CreateFontIndirectW
CreateBitmap
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SetBkMode
SetTextColor
SelectObject
BitBlt
CreateRectRgn
DeleteDC
msimg32
GradientFill
advapi32
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
shell32
Shell_NotifyIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFileExistsW
StrCmpW
ole32
CoInitialize
CoUninitialize
gdiplus
GdipDrawImageRect
GdipDrawString
GdipMeasureString
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipFillRectangle
GdipSetSolidFillColor
GdipDrawLineI
GdipSetTextRenderingHint
GdipSetStringFormatFlags
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectRect
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipGraphicsClear
GdipDeleteGraphics
GdipCreateFromHDC
GdipLoadImageFromFile
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatTrimming
msvcp120
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
ws2_32
WSAStartup
inet_ntoa
uiex
??1CNumberEdit@@UAE@XZ
??0CNumberEdit@@QAE@XZ
?PreTranslateMessage@CDisplayRatioDlg@@UAEHPAUtagMSG@@@Z
?OnInitDialog@CDisplayRatioDlg@@UAEHXZ
??1CDisplayRatioDlg@@UAE@XZ
??0CDisplayRatioDlg@@QAE@IPAVCWnd@@@Z
?AddPassword@CKeyInput@@QAEXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?RemoveAllPassword@CKeyInput@@QAEXXZ
??1CKeyInput@@UAE@XZ
??0CKeyInput@@QAE@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W11PAVCWnd@@@Z
?DestroyProcessDlg@@YAJPAUIProgressDlg@@@Z
?CreateProcessDlg@@YAJPAPAUIProgressDlg@@PAVCWnd@@@Z
?MsgBox@@YAHPAVCWnd@@PB_W1IHHPAI1@Z
?UIEx_LanguageChanged@@YAXH@Z
?SetMinValue@CNumberEdit@@QAEXM@Z
?SetMaxValue@CNumberEdit@@QAEXM@Z
?GetIntValue@CNumberEdit@@QAEHXZ
?GetPasswordText@CKeyInput@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??0CButtonST@@QAE@XZ
??1CButtonST@@UAE@XZ
?SetIcon@CButtonST@@QAEKHH@Z
?SetTooltipText@CButtonST@@QAEXPB_WH@Z
?DrawTransparent@CButtonST@@QAEXH@Z
?SetValue@CNumberEdit@@QAEXHH@Z
t9common
?GetLanguage@CT9Config@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?Init@CT9Config@@QAEXPB_W@Z
?SetScreenRect@CT9Config@@QAEXHVCRect@@@Z
?SetIsHighPerformanceGraphics@CT9Config@@QAEXH@Z
?IsNvidiaGraphics@CT9Config@@QAEHXZ
?SetPlayMode@CT9Config@@QAEXH@Z
?GetPlayMode@CT9Config@@QAEHH@Z
?GetHideMode@CT9Config@@QAEHXZ
?GetPosLeftTop@CT9Config@@QAE?AVCPoint@@XZ
?GetLastHeight@CT9Config@@QAEHXZ
?GetLastWidth@CT9Config@@QAEHXZ
?Save@CT9Config@@QAEJXZ
?SetHideMode@CT9Config@@QAEXH@Z
?SetLastHeight@CT9Config@@QAEXH@Z
?SetLastWidth@CT9Config@@QAEXH@Z
?SetPosLeftTop@CT9Config@@QAEXABVCPoint@@@Z
?GetNicName@CT9Config@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??1CT9Config@@QAE@XZ
??0CT9Config@@QAE@XZ
?SetFpsSel@CT9Config@@QAEXH@Z
?GetScreenCount@CT9Config@@QAEHXZ
?SetIsShowMouse@CT9Config@@QAEXHH@Z
?GetRightsManager@CT9Config@@QAEPAUIRightsManager@@XZ
?SetCalibrationCofig@CT9Config@@QAEJPAUSCalibrationCofig@@@Z
?GetCalibrationCofig@CT9Config@@QAEJPAUSCalibrationCofig@@@Z
?GetScreenRect@CT9Config@@QAE?AVCRect@@H@Z
?GetSoftwareModuleConfig@CT9Config@@QAEPAUSSoftwareModuleConfig@@XZ
?SetIsFahrenheit@CT9Config@@QAEXH@Z
?SetLanguage@CT9Config@@QAEXPB_W@Z
?SetThemeType@CT9Config@@QAEXH@Z
?SetAuthorizeTime@CT9Config@@QAEXH@Z
?SetIsChromaCorrection@CT9Config@@QAEXH@Z
cltdevice
?GetHwDeviceManager@@YAPAVIDeviceManager@@XZ
hwcommon2
??0CProductNameManager@@QAE@XZ
??0CCabinetInfoManager@@QAE@XZ
??0CHWParamReceiver@@QAE@PAVCHWParamRcvGeneral@@@Z
??1CHWParamReceiver@@UAE@XZ
??1CProductNameManager@@QAE@XZ
??1CCabinetInfoManager@@QAE@XZ
?IsModified@CHWParamReceiver@@UAE_NXZ
??1CRcvParamFileManager@@QAE@XZ
?LoadFromFile@CProductNameManager@@QAEJPB_W@Z
?GetRcvLayOut@CHWParamReceiver@@QAEPAVCRcvLayout@@HH@Z
?LoadFromFile@CRcvLayout@@QAEJPB_W@Z
?LoadFromBpFile@CRcvParamFileManager@@QAEJPB_W@Z
??0CRcvParamFileManager@@QAE@PAVCHWParamRcvGeneral@@@Z
?g_SetCustomID@@YAXH@Z
?SetModified@CHWParamReceiver@@UAEX_N@Z
ledmonitor
?LedMonitorLanguageChanged@@YAXH@Z
?GetLedMonitor@@YAJPAUILedMonitorCallbacker@@PAPAUILedMonitor@@@Z
ledshowsetting
?LEDShowSettingLanguageChanged@@YAXH@Z
?GetLEDShowSetting@@YAJPAUILEDShowSettingCallback@@PAPAUILEDShowSetting@@@Z
ledadmin
?LedAdminLanguageChanged@@YAXH@Z
?GetT9LedAdmin@@YAJPAUILedAdminCallback@@PAPAUIT9LedAdmin@@@Z
colorcorrect
?DoCalibration@@YAJPAUIColorCorrectCallbacker@@HPAVCWnd@@@Z
?ColorCorrectLanguageChanged@@YAXH@Z
colorlightcontrol
??0CCusColorMenu@@QAE@PAUHWND__@@@Z
?ColorLightControl_Init@@YAXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@H@Z
?AppendMenuW@CCusColorMenu@@QAEHPAVCStringArray@@IIV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CCusColorMenu@@UAE@XZ
?TrackPopupMenuEx@CCusColorMenu@@QAEHIHHPAVCWnd@@PAUtagTPMPARAMS@@@Z
?ColorLightControl_Release@@YAXXZ
?SetMenuSize@CCusColorMenu@@QAEXHHII@Z
cltnic
_Nic_IsScreenShowOn@4
_Nic_SetScreenShowOnOff@4
_Nic_GetNetAdapterCount@8
_Nic_GetNetAdapterInfo@24
dbghelp
MakeSureDirectoryPathExists
ssleay32
ord183
ord276
libeay32
ord905
ord298
calibrationsetting
?DoCloseCalibrationDlg@@YAJH@Z
?DoCalibrationSetting@@YAJPAVCWnd@@HUSDeviceParam@@AAHH@Z
winmm
timeGetTime
Exports
Exports
Sections
.text Size: 165KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ