D:\00_PDTech\prj_launcher\1_branch\PDLauncher_Down\U2KRRelease\PDDownload.pdb
Static task: static1
Behavioral task: behavioral1
Sample: bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82.exe
Resource: win10v2004-20231215-en
General
- Target: bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82
- Size: 4.8MB
- MD5: 48a01515e3179696937ebf83c0bf9987
- SHA1: 77c533b8a6e5d4501538833dae893e18cd2f0f68
- SHA256: bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82
- SHA512: 4805f495cbbde93ab5849d988cadc82a8a8a221496c5db085c381c362461f56a540bd8f17de9f02375395fae423d7cb90c370cfceb944122148dc543418618bc
- SSDEEP: 98304:5/Rxa8KzkLzUXfg2Xwyv6Akc7Q+T5uaFU+gVf5EkXHbzJT+l6zBhUJVHTIzuBwJ+:55xblU1vkdDaFU+gCQyVpIxiTRcGYO
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82
Files
- bfa49de2341f26c36e5aac9f71688e4f9a122c9e29674b1e21a42ebf4576ba82.exe windows:5 windows x86 arch:x86
  9c05e4d362eb8abeec1ca0b04928c5e1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
listen
ioctlsocket
accept
getaddrinfo
gethostname
recvfrom
sendto
send
select
__WSAFDIsSet
getpeername
WSAIoctl
connect
WSAGetLastError
htons
ntohs
getsockname
setsockopt
recv
bind
WSASetLastError
socket
closesocket
getsockopt
WSAStartup
WSACleanup
freeaddrinfo
wldap32
ord211
ord301
ord27
ord33
ord79
ord30
ord60
ord26
ord41
ord143
ord50
ord22
ord35
ord32
ord200
ord46
kernel32
SetErrorMode
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetCurrentDirectoryW
GetSystemDirectoryW
GlobalFlags
GetTempFileNameW
GetTempPathW
GetWindowsDirectoryW
GetNumberFormatW
GetProfileIntW
TlsFree
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
GetTimeFormatW
GetDateFormatW
ExitThread
CreateThread
EncodePointer
DecodePointer
HeapReAlloc
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
RtlUnwind
RaiseException
ExitProcess
HeapQueryInformation
HeapSize
GetSystemInfo
VirtualQuery
SetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetFullPathNameA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
GetDriveTypeW
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalFindAtomW
CompareStringW
InitializeCriticalSectionAndSpinCount
GlobalAddAtomW
CreateEventW
SuspendThread
SetThreadPriority
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
FileTimeToSystemTime
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
lstrcmpW
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ActivateActCtx
LoadLibraryW
DeactivateActCtx
DeleteFileW
GetModuleHandleW
CreateFileW
lstrcmpiW
GetThreadLocale
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
SetEvent
VirtualAlloc
GetLocalTime
GetFileAttributesA
WideCharToMultiByte
GetFileSize
FormatMessageA
ExpandEnvironmentStringsA
WaitForMultipleObjects
GetFileType
LoadLibraryA
GetStdHandle
FreeLibrary
PeekNamedPipe
GetTickCount
Sleep
DeleteCriticalSection
EnterCriticalSection
SetLastError
LeaveCriticalSection
InitializeCriticalSection
VerifyVersionInfoA
SleepEx
VerSetConditionMask
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
CreateFileA
GetVersionExW
GetProcAddress
GetModuleHandleA
CloseHandle
ReadFile
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreatePipe
lstrcpyW
GetModuleFileNameW
CreateDirectoryW
CreateProcessW
GetLastError
MultiByteToWideChar
GetDiskFreeSpaceExW
ResumeThread
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameW
InterlockedCompareExchange
GetTimeFormatA
SearchPathW
GetDateFormatA
user32
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
GetWindowRgn
BringWindowToTop
TranslateAcceleratorW
UnregisterClassW
CopyImage
DestroyIcon
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
GetAsyncKeyState
NotifyWinEvent
GetSystemMenu
DestroyMenu
GetMenuItemInfoW
MessageBeep
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
DeleteMenu
WaitMessage
SetCapture
LoadCursorW
GetSysColorBrush
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CharUpperBuffW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
CopyRect
GetClassNameW
UpdateWindow
DrawStateW
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetFocus
PtInRect
GetWindowRect
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostQuitMessage
CharUpperW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
PostMessageW
GetNextDlgGroupItem
ReleaseCapture
ClientToScreen
DrawFocusRect
OffsetRect
DrawEdge
WindowFromPoint
GetCursorPos
GetCapture
GetWindowLongW
GetSysColor
LoadImageW
IsRectEmpty
InflateRect
FrameRect
CopyIcon
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetIconInfo
HideCaret
InvertRect
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
FillRect
IsCharAlphaNumericW
GetParent
SetWindowRgn
ReleaseDC
GetDC
InvalidateRect
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
RedrawWindow
InsertMenuItemW
LoadBitmapW
LoadIconW
EnableWindow
GetDlgCtrlID
gdi32
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
GetWindowExtEx
CreatePolygonRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
GetViewportExtEx
SetLayout
GetLayout
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
SelectClipRgn
CreateDIBitmap
StretchBlt
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
CombineRgn
GetPixel
GetStockObject
DeleteObject
CreateFontIndirectW
CreateRectRgn
DeleteDC
BitBlt
GetObjectW
CreateCompatibleDC
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateEllipticRgn
CreatePatternBrush
SetTextAlign
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptHashData
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
shell32
DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHAppBarMessage
ShellExecuteW
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathFileExistsA
PathStripToRootW
PathIsUNCW
PathFindExtensionW
ole32
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitialize
CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SysAllocStringLen
SysAllocString
VariantCopy
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
VariantInit
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20.2MB - Virtual size: 20.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 217KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ