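PDB path embedded in the sample: D:\GitLab-Runner\builds\9e6ca229\0\winapp\tcore\TradeAdapter\ApexTrade_StockOption\Release\ApexTrade_StockOption.pdb
The path suggests a Release build produced in a GitLab Runner working directory. A PDB path is set by whoever built the binary, so treat it as a pivot for hunting related samples, not as proof of origin.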
Static task
static1
Behavioral task
behavioral1
Sample
9a1cac08ed7167183234edd911b26eaf.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9a1cac08ed7167183234edd911b26eaf.exe
Resource
win10v2004-20231215-en
General
-
Target
9a1cac08ed7167183234edd911b26eaf
-
Size
278KB
-
MD5
9a1cac08ed7167183234edd911b26eaf
-
SHA1
ed6cc4e2e80a3fd765706278a0e8db8d40106026
-
SHA256
5b30ce16de2255574aa28dd7a5a32a14fe36d0ab5146179c15ff6b3b223c2f8c
-
SHA512
eabd1ff4988da72255c2509050b8c7efbd6020668b40614a1e506f9941fa1987a0b43b1e381ee0065ee75a24e40f88f9b057a890a171c2ff381b451af1e7e4e4
-
SSDEEP
6144:XUhcF0DcWUwVUKCvqG1JGOZKF/p/uwONct43D92UW37JH:khcFXp4UKCZ29pGHNu4B2U2
Malware Config
Signatures
-
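Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature is a weak indicator on its own, because many legitimate internally built binaries are also unsigned; weigh it alongside the other static and behavioral findings.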
resource 9a1cac08ed7167183234edd911b26eaf
Files
-
9a1cac08ed7167183234edd911b26eaf.exe windows:5 windows x86 arch:x86
cb55676a15cecfdea27d9cb63a6fb46a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mfc100u
ord1508
ord1514
ord1512
ord1519
ord4388
ord4425
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord4413
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord5143
ord5325
ord9333
ord5883
ord897
ord1905
ord1934
ord3261
ord6713
ord9525
ord2629
ord5264
ord285
ord423
ord981
ord4197
ord7241
ord788
ord1212
ord10081
ord3397
ord12951
ord8550
ord2898
ord7662
ord3507
ord2201
ord13168
ord2620
ord1862
ord5830
ord8347
ord8372
ord11164
ord8277
ord2417
ord12606
ord5556
ord2756
ord2980
ord2981
ord10412
ord10058
ord8179
ord11123
ord7524
ord7913
ord13214
ord13220
ord14146
ord4151
ord4150
ord11683
ord345
ord923
ord869
ord1270
ord12153
ord11031
ord1476
ord1479
ord868
ord1269
ord10969
ord11346
ord5664
ord4519
ord11494
ord11375
ord13398
ord3846
ord5238
ord11965
ord6120
ord4954
ord4961
ord4958
ord14205
ord3834
ord12525
ord13412
ord7653
ord13263
ord1498
ord4282
ord2542
ord4516
ord6323
ord342
ord920
ord3879
ord1871
ord5074
ord6704
ord6667
ord6674
ord1870
ord6660
ord895
ord1295
ord1501
ord1020
ord4088
ord7914
ord1446
ord1899
ord481
ord1027
ord12527
ord325
ord911
ord2518
ord2533
ord5518
ord4274
ord5235
ord3497
ord11619
ord11846
ord9499
ord11237
ord13219
ord13206
ord13208
ord2418
ord7385
ord2884
ord2887
ord12610
ord5558
ord3752
ord385
ord4511
ord1312
ord280
ord2068
ord7300
ord745
ord7624
ord7548
ord11784
ord13854
ord4744
ord2164
ord11476
ord11477
ord13381
ord7108
ord13387
ord8530
ord3684
ord3625
ord11864
ord7126
ord1739
ord14162
ord10976
ord13267
ord11469
ord7179
ord13570
ord13567
ord13572
ord13569
ord13571
ord13568
ord3416
ord5261
ord11228
ord11236
ord4086
ord7391
ord9498
ord11240
ord11209
ord11845
ord4642
ord4923
ord5115
ord8483
ord4901
ord5118
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9328
ord8346
ord6140
ord950
ord5801
ord5862
ord3446
ord948
ord6036
ord13415
ord11353
ord261
ord13396
ord11330
ord2057
ord258
ord2614
ord2823
ord4331
ord1014
ord3627
ord1310
ord11021
ord12753
ord849
ord1895
ord7176
ord1292
ord890
ord6869
ord9447
ord2062
ord266
ord265
ord2064
ord11503
ord1987
ord11244
ord11246
ord12724
ord2853
ord8393
ord10045
ord6247
ord11210
ord8112
ord13380
ord10937
ord3402
ord11081
ord286
ord1445
ord1298
ord7661
ord8270
ord14060
ord14059
ord4290
ord11530
ord11618
ord5517
ord902
ord296
ord1174
ord721
ord1019
ord468
ord14132
ord14149
ord14145
ord14147
ord469
ord14148
ord2089
ord11801
ord1300
msvcr100
memcpy
_CxxThrowException
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
fclose
fprintf
_mktime64
_wtof
ldiv
wcschr
_mbschr
fgetws
fgets
swscanf
wcstod
iswdigit
iswupper
?what@exception@std@@UBEPBDXZ
remove
fopen
wcstok_s
_wtoi
_wtol
_localtime64_s
_gmtime64_s
_time64
??0exception@std@@QAE@ABV01@@Z
memmove
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memset
kernel32
CreateThread
GetLastError
SetEvent
CloseHandle
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileStringW
GetCurrentThreadId
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
GetLocalTime
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
SetDllDirectoryW
SetCurrentDirectoryW
GetDllDirectoryW
GetCurrentDirectoryW
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
GetACP
FindNextFileW
FindFirstFileW
CreateDirectoryW
GetTempPathW
Sleep
TerminateProcess
OpenProcess
GetCurrentProcessId
TerminateThread
user32
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
PostThreadMessageW
GetMessageW
EnableWindow
SetTimer
PostMessageW
KillTimer
DrawIcon
GetClientRect
comctl32
InitCommonControlsEx
ole32
CoInitializeEx
CoUninitialize
oleaut32
SysFreeString
SysAllocString
msvcp100
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
ws2_32
htons
inet_addr
connect
socket
closesocket
Sections
.text Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ