Static task: static1
Behavioral task: behavioral1
Sample: c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774.exe
Resource: win10v2004-20231215-en
General
Target: c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774
Size: 2.6MB
MD5: db82cf3c615502885ba05083a6737cbf
SHA1: 4994068434f2e6b3faa07d9cd565b38045fe56f6
SHA256: c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774
SHA512: bbde79aed8d1584f0a2beb271cfc13338e30e05faf8954e7d08a5f1e25fc6968dc2ba0619dc5454d737bd7e32979b8aae3479fac84cf4d9c69cc59daabd2250c
SSDEEP: 49152:z6cgQXgzmYYw8HYZjE1Y5xVE4YxTEkQfS/DvH0INfsTdAY3QUBDl:u7JB6US/D8IC3QU1l
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The file carries no certificate table, so it is unsigned; on its own that says nothing about intent (plenty of legitimate software ships unsigned), and even a present signature would still have to be validated against a trusted chain and checked for revocation before it counted for anything.
resource c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774
Files
-
c3e32a3fa088a3024dc0994b71c1a895ad6e16698a90d0960420d1b41977c774.exe windows:5 windows x86 arch:x86
ab60a37665a29ad79ad41a3ed292e962
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Note: neither IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE nor IMAGE_DLLCHARACTERISTICS_NX_COMPAT is set, and IMAGE_FILE_RELOCS_STRIPPED means the image carries no relocation table, so the loader cannot rebase it even under a forced-ASLR policy: this executable always loads at its preferred base. Without the NX opt-in, DEP for this 32-bit process depends on the system-wide policy rather than on the binary.
Imports
Note on reading the list: the three non-system DLLs (gsio, gsapp, gsui) export MSVC-decorated C++ names (CDwgExport, CDrawing, GsUI::PrintPenSet, showDwgOpenDialog, showPrintManager), i.e. the components of a DWG/CAD viewing and printing application. The kernel32/user32/gdi32/ole32 set below is the footprint of a statically linked MFC application and its C runtime: SetWindowsHookExA/CallNextHookEx, GlobalAddAtomA/GetPropA, UnpackDDElParam/ReuseDDElParam and IsDebuggerPresent/SetUnhandledExceptionFilter all come from that framework and startup code, so none of them is evidence of anti-analysis or injection on its own. The registry (advapi32 Reg*), file (CopyFileA, DeleteFileA, SHFileOperationA) and process-launch (ShellExecuteA/ShellExecuteExA) imports are the ones worth correlating with the behavioral tasks.
Imported from gsio:
?TextParam@CDwgExport@@UAEXPBD0NNNN@Z
?Raster@CDwgExport@@UAEXNNNNHHHHPAX0J0_NK0@Z
?SupportTTF@CDwgExport@@UAE_NXZ
?SupportLineWeight@CDwgExport@@UAE_NXZ
?ExportOriginalScaleRaster@CDwgExport@@UAE_NXZ
?ShellCallback@CDwgExport@@UAEXW4ShellType@@@Z
??1CDwgExport@@UAE@XZ
DWG_SetFileAboutFunc_2
?EndEntityDraw@CDwgExport@@UAEXXZ
?CreateDrawing@CDrawing@@SAPAV1@W4CDRAWING_SERVER@@@Z
?SetDpi@CDwgExport@@QAEXH@Z
?SetColorType@CDwgExport@@QAEXH@Z
CommonPenSets_Reset
CommonPenSets_SetDPI
?SaveRasterImage@@YAHPAUHBITMAP__@@HPBDJ@Z
?BeginEntityDraw@CDwgExport@@UAE_NPBD00K00PBN_JW4EntityMask@@@Z
?GetExtendMode@CDwgExport@@UAE_NXZ
?SetExtendMode@CDwgExport@@UAEX_N@Z
??0CDwgExport@@QAE@XZ
DWG_SetSearchDirectories
lppp
DWG_SetBackgroundColor
ppll
DWG_SetProgressCallBackFuns
?DeleteDrawing@CDrawing@@SAXPAV1@@Z
UninitDLL
InitDLL
DWG_SetFileAboutFunc
Imported from gsapp:
release
create
callBreak
?create@Document@GsApp@@SAPAV12@XZ
?release@Document@GsApp@@SAXPAV12@@Z
draw
Imported from gsui:
showSearchManager
releaseGsUI
initGsUI
?g_cursor@GsUI@@3VCursor@1@A
replaceFont
?g_systemInfo@GsUI@@3VCSystemInfo@1@A
?getDecimalSep@CSystemInfo@GsUI@@QAEDXZ
getAppDataPath
?GetMinWidth@PrintPenSet@GsUI@@QAENXZ
?getPenWidths@PrintPenSet@GsUI@@QAEPAUtagPENWIDTHS@2@XZ
?getUsePenWidth@PrintPenSet@GsUI@@QAE_NXZ
?g_printPenSet@GsUI@@3VPrintPenSet@1@A
SelectColor
showLayerManager
showSetViewportDialog
showSetPointDialog
showSetRotateViewDialog
?UpdatePenSetsToGsIO@PrintPenSet@GsUI@@QAEXXZ
?getPrintSetDlg@PrintPenSet@GsUI@@QAEAAVCPrintDialog@@XZ
loadPlotStyleDialogFromRegistry
releasePrintManager
showPrintManager
initPrintManager
showDwgSaveDialog
languageText
showDwgOpenDialog
GetColorIndex
Imported from kernel32:
GetPrivateProfileIntA
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetModuleHandleW
InterlockedIncrement
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
FindResourceExA
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
HeapReAlloc
ExitThread
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapCreate
VirtualFree
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
CompareStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalAddAtomA
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedExchange
LocalAlloc
GetCurrentProcessId
CopyFileA
FormatMessageA
LocalFree
lstrlenW
lstrcmpiA
GetModuleFileNameA
GetSystemInfo
GetLogicalDriveStringsA
FindFirstChangeNotificationA
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects
lstrcpynA
GetFileAttributesA
Beep
FreeLibrary
ExpandEnvironmentStringsA
GetLocaleInfoA
WriteFile
GlobalSize
CreateFileA
GetFileSize
ReadFile
GlobalReAlloc
SetFilePointer
GlobalHandle
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapFree
GetProcessHeap
HeapAlloc
GetVersion
FileTimeToSystemTime
FindNextFileA
CreateDirectoryA
SetErrorMode
GetVolumeInformationA
GetDriveTypeA
DeleteFileA
Sleep
FindFirstFileA
FileTimeToLocalFileTime
FindClose
CompareFileTime
SetEvent
CreateEventA
CloseHandle
ResumeThread
SuspendThread
CreateThread
CompareStringA
lstrcpyA
MultiByteToWideChar
GetLastError
SetLastError
LoadLibraryA
lstrlenA
FreeResource
GetCurrentThreadId
GetVersionExA
MulDiv
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetTickCount
TerminateThread
GetModuleHandleA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
GetProfileIntA
GetFullPathNameA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetStringTypeExA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GlobalFlags
GetPrivateProfileStringA
lstrcmpA
WritePrivateProfileStringA
TlsGetValue
Imported from user32:
LockWindowUpdate
DefFrameProcA
DrawMenuBar
TranslateMDISysAccel
CharUpperA
IsClipboardFormatAvailable
GetAsyncKeyState
UnregisterClassA
CharNextA
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
SetWindowPlacement
GetMenu
IsIconic
GetWindowPlacement
ShowOwnedPopups
GetMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
PostQuitMessage
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
GetMenuStringA
CharLowerA
DestroyCursor
GrayStringA
DrawTextExA
TabbedTextOutA
GetCapture
SetMenuDefaultItem
GetDlgCtrlID
SetWindowPos
EmptyClipboard
SetClipboardData
GetClipboardData
CloseClipboard
OpenClipboard
GetMenuState
RegisterClipboardFormatA
TrackPopupMenu
ModifyMenuA
DeleteMenu
GetClipboardFormatNameA
MessageBoxA
WindowFromPoint
LoadStringA
SendMessageTimeoutA
CallWindowProcA
DrawTextA
MapVirtualKeyA
GetKeyNameTextA
DestroyIcon
CopyAcceleratorTableA
AppendMenuA
CreateMenu
DrawEdge
LoadBitmapA
DrawStateA
SetMenuItemInfoA
GetMenuItemInfoA
IsZoomed
DefWindowProcA
GetClassNameA
IntersectRect
GetWindow
SetWindowLongA
IsMenu
DestroyMenu
GetDlgItem
GetKeyState
MessageBeep
TrackPopupMenuEx
GetDesktopWindow
GetClassLongA
DrawIconEx
GetSystemMenu
RemoveMenu
InsertMenuA
GetMenuItemID
EnableMenuItem
CheckMenuItem
DrawFrameControl
SetRect
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetWindowLongA
LoadMenuA
GetSubMenu
TranslateMessage
DispatchMessageA
GetDC
GetSystemMetrics
GetMenuItemCount
CreatePopupMenu
EqualRect
GetSysColor
GetSysColorBrush
GetMessagePos
BeginDeferWindowPos
EndDeferWindowPos
GetCursorPos
SetCursor
LoadCursorA
IsWindow
wsprintfA
ReleaseCapture
GetParent
IsChild
SetCapture
KillTimer
SetTimer
RedrawWindow
GetDCEx
ReleaseDC
ScreenToClient
ClientToScreen
GetClientRect
FillRect
OffsetRect
InflateRect
SetRectEmpty
PtInRect
IsRectEmpty
CopyRect
SystemParametersInfoA
GetFocus
GetActiveWindow
InvalidateRect
GetWindowRect
PostMessageA
SetParent
EndPaint
BeginPaint
GetWindowDC
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
LoadIconA
EnableWindow
SendMessageA
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
DrawFocusRect
IsWindowVisible
UpdateWindow
PeekMessageA
CloseWindow
Imported from gdi32:
SelectObject
GetCharWidthA
CreateFontA
CreatePen
RoundRect
FloodFill
CreateBitmap
Ellipse
Rectangle
SetPolyFillMode
SetBkMode
SelectClipPath
EndPath
PolyPolygon
BeginPath
SetWindowOrgEx
StretchBlt
SetTextColor
CreatePalette
GetDIBits
GetPaletteEntries
RealizePalette
CreateHalftonePalette
GetDIBColorTable
CreateDCA
SetStretchBltMode
SelectPalette
SetBkColor
GetMapMode
DPtoLP
GdiFlush
SetDIBColorTable
CreateDIBSection
PtVisible
RectVisible
TextOutA
Escape
SetROP2
EndDoc
EndPage
GetWindowExtEx
StartPage
StartDocA
IntersectClipRect
CreateBrushIndirect
CreatePenIndirect
StretchDIBits
SetPixelV
EnumFontFamiliesA
ExtSelectClipRgn
GetClipBox
CombineRgn
CreateRectRgn
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
DeleteEnhMetaFile
SetWinMetaFileBits
SetMapMode
GetEnhMetaFileHeader
SetEnhMetaFileBits
CopyMetaFileA
ExcludeClipRect
SelectClipRgn
GetViewportExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
SetRectRgn
GetRgnBox
EnumFontFamiliesExA
Polyline
DeleteDC
Polygon
Arc
LineTo
MoveToEx
DeleteObject
GetTextMetricsA
GetObjectA
CreatePatternBrush
CreateSolidBrush
GetStockObject
CreateDIBitmap
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutA
SetPixel
PatBlt
GetTextColor
GetDeviceCaps
OffsetRgn
CreateRectRgnIndirect
GetTextExtentPoint32A
CreateFontIndirectA
GetCurrentObject
RestoreDC
SaveDC
SetWindowExtEx
Imported from comdlg32:
GetFileTitleA
Imported from winspool.drv:
DocumentPropertiesA
ClosePrinter
OpenPrinterA
Imported from advapi32:
RegEnumValueA
RegDeleteValueA
RegOpenKeyA
RegQueryValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
Imported from shell32:
SHFileOperationA
DragQueryPoint
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
DragFinish
SHGetFolderPathA
ShellExecuteExA
ShellExecuteA
ExtractIconExA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
Imported from comctl32:
InitCommonControlsEx
ImageList_GetIconSize
Imported from shlwapi:
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathIsUNCA
Imported from oledlg:
ord8
Imported from ole32:
CLSIDFromProgID
ReleaseStgMedium
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
Imported from oleaut32:
SysFreeString
OleLoadPicture
GetActiveObject
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VarDateFromStr
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 345KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 66KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Note: the four sections carry the standard MSVC names with plausible flags (code is read/execute only, .data is the only writable section, nothing is both writable and executable), and raw sizes track virtual sizes apart from .data's uninitialized tail, so the headers show no sign of packing. The large .rsrc section is consistent with the dialog, menu, bitmap and string resources that the LoadResource/LockResource and LoadMenuA/LoadBitmapA/LoadStringA imports exist to read.
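The header checks this report makes (the Unsigned PE signature under Signatures, the DLL and File Characteristics under Headers, and the section flags under Sections) can all be reproduced from the PE headers with nothing but the standard library. The following is an added example written for this page, not code from the sandbox that produced the report or from the sample's vendor. Because the sample itself is not on the page, the `build_pe` helper constructs a headers-only PE32 image carrying the flags and section names listed above; the `.wxs` section, the 64-byte zero "certificate" blob and the whole hardened contrast case are constructed inputs, not observations about the sample.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020
IMAGE_FILE_32BIT_MACHINE = 0x0100
# IMAGE_OPTIONAL_HEADER.DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# IMAGE_SECTION_HEADER.Characteristics
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot of the Authenticode certificate table

def triage_pe(data: bytes) -> dict:
    """Parse COFF, optional and section headers of an in-memory PE (PE32 or PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:     # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:   # PE32+: the 64-bit fields push them to +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((f[0].rstrip(b"\0").decode("ascii", "replace"), f[9]))
    relocs_stripped = bool(characteristics & IMAGE_FILE_RELOCS_STRIPPED)
    dynamic_base = bool(dllchars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    return {
        # The security entry holds a raw file offset, not an RVA; a non-empty entry means a
        # WIN_CERTIFICATE table is attached, not that the signature verifies.
        "authenticode_present": cert_size != 0 and 0 < cert_off < len(data),
        "relocs_stripped": relocs_stripped,
        "dynamic_base": dynamic_base,
        "aslr": dynamic_base and not relocs_stripped,  # needs the opt-in AND a reloc table
        "nx_compat": bool(dllchars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "wx_sections": [n for n, fl in sections
                        if fl & IMAGE_SCN_MEM_WRITE and fl & IMAGE_SCN_MEM_EXECUTE],
        "sections": [n for n, _ in sections],
    }

def build_pe(characteristics, dllchars, sections, cert_size=0):
    """Constructed headers-only PE32 for testing; the 'certificate' is a zero blob."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (e_lfanew - 6) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    hdr_len = e_lfanew + 4 + 20 + 224 + 40 * len(sections)
    dirs = [(0, 0)] * 16
    if cert_size:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (hdr_len, cert_size)  # blob follows headers
    opt = (struct.pack("<H", 0x10B) + b"\0" * 68 + struct.pack("<H", dllchars) + b"\0" * 20
           + struct.pack("<I", 16) + b"".join(struct.pack("<II", *d) for d in dirs))
    sec_hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), 0x1000,
                                    0x1000 * (i + 1), 0, 0, 0, 0, 0, 0, fl)
                        for i, (n, fl) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + sec_hdrs + b"\0" * cert_size

# Flags copied from the report above; sizes and addresses do not affect these checks.
REPORT_CHARACTERISTICS = (IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE
                          | IMAGE_FILE_LARGE_ADDRESS_AWARE | IMAGE_FILE_32BIT_MACHINE)
REPORT_DLLCHARS = IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
REPORT_SECTIONS = [
    (".text", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata", IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data", IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
]

def triage_report_sample() -> dict:
    """Header profile of the report's sample, rebuilt from the flags listed above."""
    return triage_pe(build_pe(REPORT_CHARACTERISTICS, REPORT_DLLCHARS, REPORT_SECTIONS))

def triage_hardened_sample() -> dict:
    """Constructed contrast case: ASLR/DEP opted in, relocs kept, signed, one W+X section."""
    dllchars = IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    secs = REPORT_SECTIONS + [(".wxs", IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE
                               | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)]
    return triage_pe(build_pe(IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
                              dllchars, secs, cert_size=64))
```

To check the real file, call `triage_pe(open(path, "rb").read())`; for the report's sample it should return `authenticode_present` False, `relocs_stripped` True, `aslr` False, `nx_compat` False and an empty `wx_sections` list, which is exactly what the Signatures, Headers and Sections entries above say. `authenticode_present` only reports whether a WIN_CERTIFICATE table is attached; whether it validates is a separate question for `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`, and for production tooling the `pefile` package parses the same structures with many more consistency checks.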