92a14dc710459f6c311859ec2cc721052c26197b056d2672b8c3c1e2ee7fe057

Sharing

Copy URL Twitter E-mail

General

Target

92a14dc710459f6c311859ec2cc721052c26197b056d2672b8c3c1e2ee7fe057
Size

650KB
MD5

a9e207118313fb9a91de0a550db5a4e5
SHA1

bfbb574f69e415d5b17d6235343386f32d8bc33f
SHA256

92a14dc710459f6c311859ec2cc721052c26197b056d2672b8c3c1e2ee7fe057
SHA512

49f8bdc62783a09036842e39d02d56c597be88969ad975f72cf83e32978fbbb9d8b85e65931824a069d46002a10efa9e66c7043e38e6244828080ef22bb8975b
SSDEEP

12288:mffVnosX50J71VRU0AZOC7Kl/cU5JX42MLhCsOwIxAB0hdaUnIEJJtzL7CRsNfUM:7sp8JUfiNcQP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92a14dc710459f6c311859ec2cc721052c26197b056d2672b8c3c1e2ee7fe057

Files

92a14dc710459f6c311859ec2cc721052c26197b056d2672b8c3c1e2ee7fe057
.exe windows:6 windows x64 arch:x64

a4e15d1ec942f8ddbed2cdf5594505c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ben_lee\Desktop\Customer Support\1.0\x64\Release\PriorityCS.pdb

Imports

mfc110u

ord4597
ord5580
ord285
ord2866
ord4450
ord1662
ord1668
ord2377
ord2245
ord280
ord290
ord13418
ord2296
ord2292
ord955
ord4595
ord2290
ord6179
ord5202
ord5204
ord12296
ord1494
ord286
ord12753
ord266
ord265
ord1027
ord296
ord1480
ord956
ord1419
ord2932
ord1669
ord1028
ord316
ord1418
ord481
ord11492
ord11945
ord7902
ord12432
ord2848
ord1658
ord1492
ord1482

msvcr110

_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__C_specific_handler
_wcmdln
_fmode
_commode
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
_filelengthi64
_wsopen_s
strchr
strtok_s
fread
ftell
fseek
fclose
_wfopen_s
_cexit
_vscwprintf
_purecall
calloc
srand
_wcsicmp
strcpy_s
sprintf_s
rand
_wmkdir
wcscspn
memmove
wcsncpy_s
free
memcpy_s
swprintf_s
wcscpy_s
_exit
memset
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
_recalloc
_vsnwprintf_s
_close
_CxxThrowException
__CxxFrameHandler3
memcpy
_strupr_s

kernel32

QueryPerformanceCounter
FindResourceExW
LoadResource
LockResource
FindResourceW
SizeofResource
GlobalAlloc
GlobalLock
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
GetCurrentThreadId
MultiByteToWideChar
GetTickCount
SystemTimeToFileTime
GetLocalTime
UnmapViewOfFile
WriteFile
CloseHandle
SetFilePointer
GetFileInformationByHandle
FileTimeToSystemTime
ReadFile
GetFileSize
CreateFileW
WideCharToMultiByte
WaitForSingleObject
Sleep
CreateProcessW
OutputDebugStringW
GetVersionExW
GetSystemDefaultLocaleName
GetSystemDefaultLCID
lstrcatW
lstrcpynW
SetFileAttributesW
GetModuleFileNameW
DeleteFileW
GetLastError
CreateMutexW
GetCommandLineW
GlobalFree
EncodePointer
GlobalUnlock
lstrlenW

user32

ShowWindow
CreateWindowExW
PostMessageW
DrawTextW
SetFocus
SendMessageW
DestroyWindow
BringWindowToTop
GetClientRect
GetDC
ReleaseDC
GetDesktopWindow
InvalidateRect
SetWindowRgn
EnableWindow
FillRect
BeginPaint
EndPaint
SetWindowPos
SetWindowTextW
GetWindowTextW
ShowScrollBar
SetWindowLongPtrW
GetWindowLongPtrW
GetParent
SetCursor
GetCursorPos
ScreenToClient
PtInRect
TrackMouseEvent
SetCapture
ReleaseCapture
DefWindowProcW
PostQuitMessage
GetSystemMetrics
RegisterClassExW
LoadCursorW
DispatchMessageW
TranslateMessage
UpdateWindow
FindWindowW
SetForegroundWindow
GetMessageW

gdi32

CreateRectRgn
CreateCompatibleDC
CreateDCW
DeleteObject
GetTextExtentPoint32W
DeleteDC
GetObjectW
SelectObject
SetTextColor
SetBkMode
BitBlt
CreateFontW
CombineRgn
GetStockObject
CreateCompatibleBitmap
SetBkColor
CreateSolidBrush

msimg32

AlphaBlend

comdlg32

GetOpenFileNameW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathIsRelativeW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathRemoveBackslashW

wininet

InternetCloseHandle
InternetReadFile
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetOpenW

gdiplus

GdipDrawImageRectRect
GdipFillRectangleI
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdiplusShutdown
GdiplusStartup

msvcp110

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPEBDH@Z
?_Syserror_map@std@@YAPEBDH@Z

ole32

CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 400KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4e15d1ec942f8ddbed2cdf5594505c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc110u

msvcr110

kernel32

user32

gdi32

msimg32

comdlg32

advapi32

shell32

comctl32

shlwapi

wininet

gdiplus

msvcp110

ole32

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 400KB - Virtual size: 1.1MB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 400KB - Virtual size: 1.1MB