9a739ee2e12554975431301ee6ed17e6

Sharing

Copy URL

Twitter E-mail

General

Target

9a739ee2e12554975431301ee6ed17e6
Size

1.0MB
MD5

9a739ee2e12554975431301ee6ed17e6
SHA1

3a402256acf972ec79e1382fcaf827eb1c2c20c3
SHA256

283765c310eff2ec907eb802484f6b9e6abc80436e7f1318aa1554d058aa8192
SHA512

e736cba2b101878b17881e8dff82d5cb335cd3ba638cf3c44255cf6dde2c4acb84313c3ac2a52838730a4857643f1079a62ba7a0324ca339933eac798b65897b
SSDEEP

24576:5dxymm2BluuJKd3oJ00KcYSSMkB1tE4oUTQ5l+pHxdTNVExWKJ:5dxylEjJKpMOSSMsiHmLXNylJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lpk.dll
unpack001/setup.exe

Files

9a739ee2e12554975431301ee6ed17e6
.rar
Language/Multi_ch.dll
Language/Multi_ch_BIG5.dll
Language/Multi_ch_GB.dll
Language/Multi_eng.dll
lpk.dll
.dll windows:5 windows x86 arch:x86

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
RtlMoveMemory
LoadLibraryW
lstrcatW
GetSystemDirectoryW
FreeLibrary
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceW
CreateProcessW
RtlZeroMemory
CloseHandle
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexA
lstrcmpiW
GetModuleFileNameW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesW
lstrcpyW
GetTickCount
GetLogicalDrives
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
FindFirstFileW
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
SetEvent
CreateEventW
DisableThreadLibraryCalls

user32

wsprintfW

shell32

ord64
ord92

shlwapi

SHRegGetValueW
PathFindExtensionW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrStrIW

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setting.dll
setup.exe
.exe windows:4 windows x86 arch:x86

90907b0759e072912491df14da75a447

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

SetPrinterA
GetPrinterDriverDirectoryA
AddPrinterA
EnumPrintersA
AddPrinterDriverExA
AddPrinterDriverA
DocumentPropertiesA
GetPrinterA
ClosePrinter
OpenPrinterA

kernel32

HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
RtlUnwind
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemDefaultLangID
GetVersionExA
GetVersion
WriteProfileStringA
lstrcatA
lstrcpyA
lstrlenA
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
GlobalAlloc
GetLastError
SetLastError
CopyFileA
GetModuleFileNameA
GetPrivateProfileStringA
CreateDirectoryA
LocalFree
FormatMessageA
DeleteFileA
WritePrivateProfileStringA
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
MulDiv
GetTickCount
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalUnlock
GlobalLock
GetProfileStringA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
GlobalDeleteAtom
DuplicateHandle
FindNextFileA
FindFirstFileA
FindClose
CloseHandle
lstrcmpA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
InflateRect
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
DestroyMenu
CharUpperA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
IsWindowUnicode
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
SendDlgItemMessageA
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
MessageBoxA
PostMessageA
GetWindow
IsWindow
SendMessageTimeoutA
LoadBitmapA
InvalidateRect
UpdateWindow
GetParent
EnableWindow
SetTimer
KillTimer
SendMessageA
GetWindowRect
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateBitmap
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateFontA
CreatePatternBrush
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetDeviceCaps
CreateDIBitmap
CreateSolidBrush

comdlg32

GetFileTitleA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoTaskMemAlloc
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00c5fd00087020a0645079ce30f4148b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: - Virtual size: 672B

.rsrc Size: 38KB - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 494B

90907b0759e072912491df14da75a447

Headers

File Characteristics

Imports

winspool.drv

kernel32

user32

gdi32

comdlg32

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 8.9MB - Virtual size: 8.9MB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 672B

.rsrc
Size: 38KB - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 494B

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 8.9MB - Virtual size: 8.9MB