E:\project\K10\current\K10WorkStation\vet\KX_station_win\Release\kx_station_v.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e.exe
  Resource: win10v2004-20231215-en
General
Target: 4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e
Size: 4.6MB
MD5: add661910323bad791b4f5067a3f06c7
SHA1: 885cf5b41cc12d4ddaf97d958aea7e4471521844
SHA256: 4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e
SHA512: 696ac6691a1eab8a304fdf62bfb18880740bfc2f9960104ad0a11d28d6503d3c09c0103820ed9d49ba98dc15657952d9a8be7dce131e4913e13726b027b797f4
SSDEEP: 98304:Uaa78H+hU89JVfiyNGGNhOU0ado6HIdSfOCZLWiyJ4sMg157B22RMBFbKVuFLOAC:Uaa7jBBP9zOAIRCZTYXPRMBFbRFLOyo/
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: 4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e
Files
-
4a45bdedffc783088f35512661cdd5555cec9a38122968e46026c9a73f4f984e.exe windows:5 windows x86 arch:x86
51bd4e6af14bf538e2824ef1e25c7f77
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetCommandLineW
RtlUnwind
VirtualAlloc
VirtualQuery
IsDebuggerPresent
IsProcessorFeaturePresent
ExitThread
ExitProcess
GetModuleHandleExW
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
CreateSemaphoreW
FatalAppExitA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetCurrentDirectoryW
WriteConsoleW
SetEnvironmentVariableA
LoadResource
SizeofResource
lstrlenW
lstrlenA
LocalUnlock
LocalLock
FindResourceExW
VirtualProtect
FindResourceW
DeleteFileW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetDriveTypeW
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
CloseHandle
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
GetVersionExW
FormatMessageW
Sleep
WriteFile
FormatMessageA
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
SetErrorMode
SetFileAttributesW
LocalFileTimeToFileTime
GetFileSizeEx
GetUserDefaultLCID
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFileTime
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GlobalFlags
GetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
VerifyVersionInfoW
VerSetConditionMask
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
GetVolumeInformationW
GetShortPathNameW
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
GlobalGetAtomNameW
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
EncodePointer
CopyFileW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetSystemDefaultLangID
GetPrivateProfileStringW
CreateThread
RaiseException
DecodePointer
TryEnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
HeapCompact
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
GetTickCount
LockResource
user32
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
LockWindowUpdate
SetCursorPos
InvalidateRgn
CharNextW
WaitMessage
CreateMenu
CopyAcceleratorTableW
PostThreadMessageW
SetParent
WindowFromDC
InSendMessage
GetTabbedTextExtentW
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
MessageBeep
DeleteMenu
GetSystemMenu
TrackMouseEvent
MonitorFromPoint
EnableScrollBar
GetAsyncKeyState
UpdateLayeredWindow
IsMenu
UnionRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDialogBaseUnits
GetMenuItemInfoW
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
CharUpperW
GetSysColorBrush
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
IsZoomed
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
IntersectRect
InsertMenuItemW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
LoadMenuW
DestroyCursor
SetRect
SystemParametersInfoW
LoadCursorW
SetWindowRgn
GetIconInfo
DrawIconEx
CopyImage
LoadImageW
DestroyIcon
IsRectEmpty
OffsetRect
InflateRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
SetCursor
ReleaseCapture
SetCapture
GetNextDlgGroupItem
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
GetCursorPos
GetUpdateRect
GetMessageW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SendMessageW
PostMessageW
EnableWindow
GetDC
ReleaseDC
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
ToUnicodeEx
GetWindowRgn
EnumChildWindows
GetComboBoxInfo
SendNotifyMessageW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
SubtractRect
GetDCEx
IsClipboardFormatAvailable
RegisterClassW
CallWindowProcW
GetKeyboardLayout
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
InvertRect
HideCaret
CreateAcceleratorTableW
GetKeyboardState
TranslateMessage
InvalidateRect
GetClientRect
GetWindowRect
FillRect
IsWindow
SetTimer
KillTimer
DrawTextW
GetWindowLongW
SetWindowLongW
GetDesktopWindow
UnregisterClassW
IsIconic
GetSystemMetrics
DrawIcon
LoadIconW
DrawStateW
UpdateWindow
GetClassNameW
LoadBitmapW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
SendDlgItemMessageA
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
GetDoubleClickTime
gdi32
GetStockObject
CopyMetaFileW
CreateDCW
BitBlt
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
PatBlt
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateEllipticRgn
Ellipse
DPtoLP
LPtoDP
AbortDoc
SetAbortProc
GetViewportOrgEx
CreateCompatibleBitmap
GetTextMetricsW
CombineRgn
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetMapMode
SetRectRgn
GetDIBits
RealizePalette
SetPixel
CreateRoundRectRgn
GetROP2
GetBkMode
GetCharWidthW
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
CreateFontW
StretchDIBits
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetCurrentObject
GetNearestPaletteIndex
GetSystemPaletteEntries
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPixelV
GetObjectW
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
StretchBlt
SelectObject
Rectangle
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
EndPage
StartPage
EndDoc
GetDeviceCaps
SetWindowExtEx
CreateFontIndirectW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
GetJobW
OpenPrinterW
DocumentPropertiesW
advapi32
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
shell32
ExtractIconW
SHCreateDirectoryExW
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteExW
SHAppBarMessage
ShellExecuteW
SHAddToRecentDocs
SHGetFileInfoW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFileExistsW
PathFindFileNameW
uxtheme
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
ole32
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
OleIsRunning
WriteClassStg
ReadClassStg
CreateBindCtx
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleRun
GetRunningObjectTable
CreateFileMoniker
CoLockObjectExternal
GetHGlobalFromILockBytes
OleGetIconOfClass
OleLockRunning
OleSetContainedObject
CoCreateInstance
CoCreateGuid
CoInitialize
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CreateStreamOnHGlobal
PropVariantCopy
OleRegGetMiscStatus
OleRegEnumVerbs
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CoRegisterClassObject
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoTreatAsClass
OleGetClipboard
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
WriteFmtUserTypeStg
CreateGenericComposite
oleaut32
VariantTimeToSystemTime
VarUdateFromDate
SysStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
VarDateFromStr
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SystemTimeToVariantTime
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SysAllocStringByteLen
CreateErrorInfo
SysStringLen
SysAllocString
SysFreeString
GetErrorInfo
SetErrorInfo
SafeArrayGetDim
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
ws2_32
WSAStartup
socket
shutdown
send
listen
inet_addr
htons
htonl
ioctlsocket
connect
closesocket
bind
accept
WSAGetLastError
recv
WSACleanup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 535KB - Virtual size: 535KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 188KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ