9646536621f3ea9a8e1984b9fb73b426

Sharing

Copy URL Twitter E-mail

General

Target

9646536621f3ea9a8e1984b9fb73b426
Size

69KB
MD5

9646536621f3ea9a8e1984b9fb73b426
SHA1

5b9371ad7e44ab452ee49548d7c2bc821b4289a0
SHA256

e0a931c24659407e7090ad8f79de5d5613ad8c1ad35e32f9e35f0879671641b4
SHA512

5053af26c7f1758b09d8b3712fe205bd9765c22d5d1d487e76503e3b98c7ceaa222ae50baa7ae1055c2f7f14c245e855cfecbe0fba2d74c1889e729ebf9b760c
SSDEEP

1536:V7ErlfnbW+bsjzTRaWLPrpL9IQpVMRDfL3bUOkKq:V7Exfn6+bsjRxLPrFmgSBfL3bY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/StoragePoint_[OptionalReaction].exe

Files

9646536621f3ea9a8e1984b9fb73b426
.rar
StoragePoint_[OptionalReaction].exe
.exe windows:4 windows x86 arch:x86

0da92d315f6f94d15666fb69cbb209e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\documents and settings\cagey\my documents\all_optionalreaction_code\storagepoint v1_1_3_7\release\StoragePoint_[OptionalReaction].pdb

Imports

shlwapi

PathMatchSpecA
PathIsDirectoryA
PathRemoveFileSpecA
PathAddBackslashA

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ord17

comdlg32

GetSaveFileNameA

kernel32

CloseHandle
CreateFileA
GetModuleFileNameA
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
GetExitCodeThread
CreateThread
MultiByteToWideChar
GetModuleHandleA
CreateDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoA
GetStringTypeW
EnterCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
WriteFile
ExitProcess
LeaveCriticalSection
SetEndOfFile
HeapSize
InterlockedDecrement
ReadFile
HeapDestroy
GetStringTypeA
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
HeapReAlloc
VirtualAlloc
TlsAlloc
VirtualFree
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
FindFirstFileA
FindNextFileA
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
Sleep
GetProcAddress
TlsGetValue
HeapCreate

user32

GetWindowTextA
EnableWindow
GetDlgItem
SendMessageA
SystemParametersInfoA
GetWindowPlacement
GetParent
SetWindowPlacement
LoadIconA
DestroyIcon
WaitMessage
DestroyWindow
PeekMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
SetCursor
LoadImageA
MessageBoxA
ShowWindow
PostMessageA
GetClientRect
GetScrollBarInfo
SetWindowPos
GetWindowRect
InvalidateRect
DialogBoxParamA
CreateDialogParamA
KillTimer
PostQuitMessage
SetTimer
CheckDlgButton
EndDialog
IsDlgButtonChecked
SetWindowTextA

gdi32

DeleteObject
SetBkColor
SetBkMode
CreateSolidBrush

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteA

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
changelog.txt
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

0da92d315f6f94d15666fb69cbb209e2

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comctl32

comdlg32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 217KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 217KB

.rsrc
Size: 28KB - Virtual size: 25KB