D:\Jenkins\CulSystem\Bin\Release\CulClient.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921.exe
  Resource: win10v2004-20231215-en
General
Target: e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921
Size: 3.5MB
MD5: f237bd8b854b3c0ea73136e8d61e0113
SHA1: bc456c51b2bf552d49a36c6fa2af9d07340e5c3b
SHA256: e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921
SHA512: 1e8f82e6d62a1fd45a37aeb858b631d5ecbdbb88106aa7dc666328677ad2eed04f08f62509d88753a5eea9c49f75be309be218b9258dd1a4dfd36e6dce69acf7
SSDEEP: 98304:x3g49IqjNsANN+nxxmvl9bJCg1SVPEFLOAkGkzdnEVomFHKnPcT:xQ49IqanOpJCg1SVcFLOyomFHKnPc
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921
Files
e52bd2673e635500e4dd4541439b53a4d38bcc4e54de17841e32ea0a05b81921.exe  windows:6  windows x86  arch:x86
  Imphash: 254258ad41583eb44408fb3eb02665b5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Jenkins\CulSystem\Bin\Release\CulClient.pdb
Imports
ws2_32
shutdown
connect
WSACreateEvent
WSAAddressToStringW
WSAEnumNetworkEvents
WSAResetEvent
WSAIoctl
send
WSACloseEvent
setsockopt
WSAGetLastError
getsockname
WSAStringToAddressW
WSAWaitForMultipleEvents
ntohs
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
socket
WSASetLastError
recv
inet_addr
htons
htonl
closesocket
WSAEventSelect
bind
kernel32
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiW
GlobalGetAtomNameW
GetTempFileNameW
CopyFileW
GetProfileIntW
SearchPathW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
FindResourceExW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
MulDiv
GlobalSize
GlobalUnlock
GlobalAddAtomW
GetCurrentProcessId
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadLibraryExW
GetVersionExW
GetCurrentThread
LockResource
SetThreadPriority
MapViewOfFileEx
SwitchToThread
HeapCreate
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetTickCount
GetThreadLocale
IsBadReadPtr
LoadLibraryA
FreeLibrary
CreateThread
WritePrivateProfileStringW
GetPrivateProfileStringW
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
GetWindowsDirectoryW
GetNativeSystemInfo
GetSystemInfo
VirtualFree
VirtualAlloc
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetFileTime
FindClose
ReadFile
GetFileSize
SetLastError
FindResourceW
CreateFileMappingW
MapViewOfFile
SizeofResource
LoadResource
VirtualProtect
FreeResource
SystemTimeToTzSpecificLocalTime
GetModuleHandleA
GetModuleFileNameW
ResumeThread
GetSystemDirectoryW
EncodePointer
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleW
FormatMessageW
LocalFree
GetProcAddress
GlobalFree
GlobalAlloc
lstrcpyW
OpenMutexW
CreateMutexW
GetProcessHeap
HeapDestroy
DecodePointer
GetCurrentDirectoryW
HeapAlloc
ResetEvent
LoadLibraryW
RaiseException
HeapReAlloc
SetEvent
GetLastError
CreateEventW
HeapSize
InitializeCriticalSectionEx
HeapFree
FlushFileBuffers
WideCharToMultiByte
DeleteCriticalSection
GetLocalTime
DeleteFileW
Sleep
CreateFileW
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
OutputDebugStringA
WriteFile
EnterCriticalSection
CloseHandle
FileTimeToSystemTime
UnmapViewOfFile
WaitForSingleObject
VerifyVersionInfoW
VerSetConditionMask
OutputDebugStringW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
ExitProcess
VirtualQuery
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetACP
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetTempPathW
WriteConsoleW
user32
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
UpdateLayeredWindow
WaitMessage
RealChildWindowFromPoint
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
DestroyMenu
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetRect
SetCursorPos
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
GetSystemMenu
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
CharUpperW
IsZoomed
TrackMouseEvent
CopyImage
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
IntersectRect
SendDlgItemMessageA
LoadMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
MapVirtualKeyW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
UnhookWindowsHookEx
PtInRect
ScreenToClient
ClientToScreen
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
LoadAcceleratorsW
CreateAcceleratorTableW
GetKeyNameTextW
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DestroyWindow
IsWindow
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
GetWindowRgn
GetLastActivePopup
DestroyCursor
InvertRect
HideCaret
SetPropW
GetWindowLongW
MessageBoxW
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageW
DrawIconEx
GetParent
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
RedrawWindow
SetWindowRgn
DrawStateW
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
GetMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetWindowThreadProcessId
wsprintfW
FindWindowExW
GetWindowRect
SendMessageW
GetSystemMetrics
DrawIcon
LoadIconW
FindWindowW
GetClientRect
IsIconic
EnableWindow
UnregisterClassW
SetScrollInfo
gdi32
EnumFontFamiliesW
GetTextCharsetInfo
GetMapMode
SetRectRgn
DPtoLP
SetBkMode
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
CreateFontIndirectW
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
CreateDIBitmap
CreateCompatibleBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
RestoreDC
FillRgn
DeleteDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
SetSecurityDescriptorDacl
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
InitializeSecurityDescriptor
RegCloseKey
shell32
SHGetFileInfoW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragFinish
DragQueryFileW
ShellExecuteW
Shell_NotifyIconW
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
StrChrW
StrPBrkW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
DrawThemeParentBackground
DrawThemeText
GetThemeColor
DrawThemeBackground
CloseThemeData
GetCurrentThemeName
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
OpenThemeData
GetWindowTheme
ole32
OleCreateMenuDescriptor
CoUninitialize
CoCreateInstance
CoCreateGuid
CLSIDFromString
CoInitialize
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleUninitialize
CoInitializeEx
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
oleaut32
LoadTypeLi
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
iphlpapi
GetAdaptersInfo
winmm
PlaySoundW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
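The import table above is the input to two things a triage analyst computes from a static report: the imphash listed under Files, and a first read of what the binary can do. The script below is an added example, not sandbox code and not the sample's own code. It computes the imphash the standard way (each entry as lowercase `dll.function` with the DLL extension dropped, entries joined with commas in table order, MD5 of the result) and tags API names with the behaviour they imply. The import subset embedded in it is copied from this page in page order, but it is only a subset, so the hash it prints will not equal the report's value; the tag table is an analyst heuristic assumed for the example, and every hit is a lead to confirm in the code (a GUI client installs hooks and polls keys for legitimate reasons, and a named mutex is as common in in-house tools as in malware).

```python
"""Imphash and capability tagging over an import table such as the one a static
report lists. The subset below is copied from the report in page order (constructed
input for this example; a real imphash covers the whole table). The tag table is an
analyst heuristic, not sandbox output."""
import hashlib

IMPORTS = [  # (dll, [functions in table order])
    ("ws2_32.dll", ["shutdown", "connect", "WSACreateEvent", "send", "getaddrinfo",
                    "socket", "recv", "WSAEventSelect", "bind"]),
    ("kernel32.dll", ["IsDebuggerPresent", "CreateThread", "WritePrivateProfileStringW",
                      "VirtualAlloc", "VirtualProtect", "OpenMutexW", "CreateMutexW",
                      "DeleteFileW", "CreateFileW", "OutputDebugStringA"]),
    ("user32.dll", ["GetKeyboardState", "GetAsyncKeyState", "SetWindowsHookExW",
                    "GetWindowThreadProcessId", "FindWindowExW", "FindWindowW"]),
    ("advapi32.dll", ["RegSetValueExW", "RegDeleteKeyW", "RegCreateKeyExW", "RegOpenKeyExW"]),
    ("shell32.dll", ["ShellExecuteExW", "ShellExecuteW", "Shell_NotifyIconW"]),
    ("iphlpapi.dll", ["GetAdaptersInfo"]),
]

# API name -> triage tag (assumed heuristic). A hit is a lead to confirm in the code, not a verdict.
TAGS = {
    "socket": "network", "connect": "network", "bind": "network", "send": "network",
    "recv": "network", "WSAEventSelect": "network", "getaddrinfo": "network",
    "GetAdaptersInfo": "recon", "FindWindowW": "recon", "FindWindowExW": "recon",
    "GetWindowThreadProcessId": "recon",
    "RegSetValueExW": "registry-write", "RegCreateKeyExW": "registry-write",
    "RegDeleteKeyW": "registry-write",
    "CreateMutexW": "mutex", "OpenMutexW": "mutex",
    "SetWindowsHookExW": "hooking",
    "GetAsyncKeyState": "keyboard-polling", "GetKeyboardState": "keyboard-polling",
    "VirtualAlloc": "memory", "VirtualProtect": "memory",
    "ShellExecuteW": "execution", "ShellExecuteExW": "execution",
    "WritePrivateProfileStringW": "config-write",
    "IsDebuggerPresent": "anti-debug",  # also emitted by plain CRT startup; weak on its own
}


def flatten(imports):
    """(dll, [funcs]) groups -> [(dll, func)] in table order, the order imphash depends on."""
    return [(dll, f) for dll, funcs in imports for f in funcs]


def imphash(pairs):
    """Standard imphash: '<dll>.<func>' per entry, lowercased, DLL extension dropped,
    comma-joined in table order, MD5. Ordinal imports become 'ordN' (pefile additionally
    resolves ordinals for a few DLLs through lookup tables; omitted here)."""
    parts = []
    for dll, func in pairs:
        name = dll.lower()
        base, dot, ext = name.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            name = base
        func = "ord%d" % func if isinstance(func, int) else func.lower()
        parts.append("%s.%s" % (name, func))
    return hashlib.md5(",".join(parts).encode()).hexdigest()


def tag_imports(pairs):
    """Group imports by tag; untagged names are dropped (they are the bulk of a GUI app)."""
    tagged = {}
    for dll, func in pairs:
        tag = TAGS.get(func)
        if tag:
            tagged.setdefault(tag, []).append("%s!%s" % (dll.rsplit(".", 1)[0], func))
    return tagged


def dll_profile(pairs):
    """Import count per DLL: a user32/gdi32-heavy profile is the MFC GUI client tell."""
    counts = {}
    for dll, _ in pairs:
        counts[dll] = counts.get(dll, 0) + 1
    return counts


if __name__ == "__main__":
    pairs = flatten(IMPORTS)
    print("imphash (subset only):", imphash(pairs))
    for tag, names in sorted(tag_imports(pairs).items()):
        print("%-17s %s" % (tag, ", ".join(names)))
    print("per-DLL:", dll_profile(pairs))
```

Because the hash is over the joined string, it changes when the linker reorders imports or a function is added, which is why imphash clusters builds from one toolchain and code base rather than identifying a file; two reports with this page's imphash share the same import table, not necessarily the same payload.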
Sections
.text   Size: 1.5MB  Virtual size: 1.5MB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 335KB  Virtual size: 335KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 25KB   Virtual size: 50KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.gfids  Size: 107KB  Virtual size: 106KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.giats  Size: 512B   Virtual size: 16B    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.tls    Size: 512B   Virtual size: 9B     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.4MB  Virtual size: 1.4MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 125KB  Virtual size: 125KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
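The Headers, Signatures and Sections entries above are all fixed-offset fields in the PE headers: DllCharacteristics and Characteristics in the optional and COFF headers, the section table, and data directory 4 (the Authenticode certificate table), whose empty entry is what the "Unsigned PE" signature reports. The following is an added example, not part of the sandbox report or of the sample: a stdlib-only Python parser that decodes those fields from a file and summarises what an analyst wants from the headers alone (signing, ASLR/DEP/CFG opt-in, writable-and-executable sections). To run offline it builds a synthetic PE32 in-process whose values mirror this report (x86 EXE, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE, no certificate, .text/.data/.reloc with the listed sizes); that builder, the review heuristics and the flag tables are this example's assumptions. The report also lists a .gfids section, which is the guard-function-ID table MSVC emits for /guard:cf builds, yet no GUARD_CF flag among the DLL characteristics; that is the kind of mismatch the review step is meant to surface for a closer look.

```python
"""Decode the PE header facts a static report lists (machine, file and DLL characteristics,
Authenticode presence, section layout) and flag what an analyst looks for. Stdlib only;
build_pe32() makes constructed test input mirroring this report's values, not a real binary."""
import struct

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                        0x2000: "IMAGE_FILE_DLL"}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset and size of the WIN_CERTIFICATE blob

def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]

def parse_pe(data):
    """Header facts as a dict; ValueError on non-PE input."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    dirs = opt + (96 if magic == 0x10B else 112)  # PE32+ widens four size fields before the directories
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]
    cert_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)[1] if ndirs > SECURITY_DIR else 0
    sections = []
    for i in range(nsect):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": _names(chars, SECTION_FLAGS)})
    return {
        "machine": {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine)),
        "file_characteristics": _names(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
        "authenticode_present": cert_size != 0,  # an empty directory is what "Unsigned PE" keys on
        "sections": sections,
    }

def review(info):
    """What the headers alone tell an analyst: signing, exploit mitigations, W+X sections."""
    dll = set(info["dll_characteristics"])
    findings = [] if info["authenticode_present"] else ["unsigned: security directory is empty"]
    for flag, what in (("DYNAMIC_BASE", "ASLR"), ("NX_COMPAT", "DEP"), ("GUARD_CF", "Control Flow Guard")):
        if "IMAGE_DLLCHARACTERISTICS_" + flag not in dll:
            findings.append("%s not opted in (%s clear)" % (what, flag))
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append("section %s is writable and executable" % s["name"])
    return findings

def build_pe32(file_chars, dll_chars, sections, signed=False):
    """Constructed PE32: headers only, plus a dummy certificate blob when signed=True."""
    nsect, opt_size = len(sections), 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE signature right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, nsect, 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    cert = b""
    if signed:  # dummy WIN_CERTIFICATE: dwLength, wRevision 0x0200, wCertificateType 2 (PKCS#7)
        cert = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 88 + opt_size + 40 * nsect, len(cert))
    shdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0x1000 * (i + 1), rs, 0, 0, 0, 0, 0, c)
                     for i, (n, vs, rs, c) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + shdrs + cert

# Values taken from this report: x86 EXE, DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, no certificate.
SAMPLE = build_pe32(0x0102, 0x8140, [(".text", 0x180000, 0x180000, 0x60000020),
                                     (".data", 0xC800, 0x6400, 0xC0000040),
                                     (".reloc", 0x1F400, 0x1F400, 0x42000040)])

if __name__ == "__main__":
    info = parse_pe(SAMPLE)
    print(info["machine"], info["file_characteristics"], info["dll_characteristics"])
    for s in info["sections"]:
        print("%-7s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"], s["virtual_size"], " ".join(s["flags"])))
    print("findings:", review(info))
```

Point it at a real file with `parse_pe(open(path, "rb").read())`. An empty security directory only means there is no embedded Authenticode signature: catalog-signed Windows binaries look unsigned to this check, and an unsigned build from an internal Jenkins job (as the PDB path suggests here) is routine, so "Unsigned PE" on its own is a weak indicator and is worth reading together with the imports and the behavioral tasks rather than as a verdict.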