C:\Projects\swt\VMMTool\PriusTool\x64\Update release\VmmUpdater64.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5.exe
  Resource: win10v2004-20240221-en
General
Target: 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5
Size: 11.1MB
MD5: d4c5db9a7000a3ea31930fd243bf2eba
SHA1: a649e0df344ec2fe55a4ae133d0f65bf2a29d542
SHA256: 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5
SHA512: 1af4f2381aea7b5d8771b5d6a6e24899fc0b14094bd87e8d8e5d25980cc69ce5eea93b8206da4596f854d1c4acdd6c9b8134698f42382a208a3a4f490a6d7819
SSDEEP: 196608:1hAjjl71ubcl283O33+/e8lT385ZW6yjHAorvCQINDL5NEH/A:fA/lmcoMXluoZMZL
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5
Files
- 805f1647a09216b2feee5573e570586b2234124773e6c18a3717790aa493ebf5.exe  windows:6 windows x64 arch:x64
  e04bce0576453df0559d07133a6466a8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProfileIntA
SearchPathA
GetTempPathA
GetWindowsDirectoryA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
SetErrorMode
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
GetACP
GetCPInfo
CreateEventW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SystemTimeToTzSpecificLocalTime
FindNextFileA
FileTimeToLocalFileTime
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFileTime
GetFileAttributesA
RtlUnwind
GetDiskFreeSpaceA
GetCurrentThread
WaitForSingleObjectEx
ResetEvent
GetOEMCP
IsProcessorFeaturePresent
OutputDebugStringW
LCMapStringEx
GetStringTypeW
TerminateProcess
RtlUnwindEx
RtlPcToFileHeader
GetCommandLineA
GetCommandLineW
GetLocalTime
GetTimeZoneInformation
ExitProcess
VirtualAlloc
VirtualQuery
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetFileType
GetFullPathNameW
HeapQueryInformation
QueryPerformanceFrequency
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
DeleteFileW
GetDriveTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
ResumeThread
SetThreadPriority
SetEvent
GetPrivateProfileStringA
lstrcmpA
SystemTimeToFileTime
FileTimeToSystemTime
GetVersionExA
GetCurrentProcessId
GetStringTypeExA
GetThreadLocale
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
SetEnvironmentVariableW
GetCurrentDirectoryW
WriteConsoleW
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CompareStringA
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetModuleHandleExW
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
CopyFileA
LocalFree
GlobalFree
GlobalSize
SetLastError
InitializeCriticalSection
LoadLibraryExW
DeviceIoControl
CreateFileW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
MulDiv
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
IsWow64Process
GetSystemInfo
CreateMutexA
WriteConsoleA
AttachConsole
FreeConsole
WritePrivateProfileStringA
GetPrivateProfileIntA
FormatMessageA
GetLastError
GetStdHandle
GetTickCount64
OutputDebugStringA
GlobalLock
GlobalUnlock
GlobalAlloc
FindResourceA
GetModuleHandleA
GetCurrentDirectoryA
GetModuleFileNameA
MultiByteToWideChar
QueryFullProcessImageNameA
lstrcpynA
GetCurrentProcess
Sleep
CreateSemaphoreA
GetTickCount
CreateThread
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
CloseHandle
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
SetUnhandledExceptionFilter
user32
FrameRect
IsClipboardFormatAvailable
SetClassLongPtrA
DestroyAcceleratorTable
ModifyMenuA
CopyIcon
GetDoubleClickTime
SetCursorPos
InvalidateRgn
CopyAcceleratorTableA
CharNextA
PostThreadMessageA
LoadAcceleratorsW
LockWindowUpdate
GetDCEx
SetMenuDefaultItem
GetMenuDefaultItem
SetRect
GetComboBoxInfo
LoadMenuW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadImageW
TrackMouseEvent
RealChildWindowFromPoint
DrawIcon
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
SetParent
GetSystemMenu
UnpackDDElParam
IntersectRect
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
DrawStateA
IsZoomed
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
NotifyWinEvent
LoadCursorW
LoadCursorA
InvertRect
HideCaret
MessageBeep
EnableScrollBar
GetAsyncKeyState
GetIconInfo
GetKeyboardLayout
CopyImage
LoadImageA
DestroyIcon
IsRectEmpty
InflateRect
DrawFocusRect
WindowFromPoint
GetCursorPos
SetCursor
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetWindowThreadProcessId
OffsetRect
MapVirtualKeyA
GetKeyNameTextA
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
ReuseDDElParam
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
WaitMessage
CharUpperBuffA
SubtractRect
GetUpdateRect
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetSysColor
MapWindowPoints
ScreenToClient
CreateMenu
DestroyCursor
GetWindowRgn
DrawIconEx
MessageBoxA
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetCapture
GetKeyState
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindow
GetWindowLongA
WinHelpA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
GetFocus
UnregisterClassA
GetDesktopWindow
DeleteMenu
GetDpiForWindow
GetSystemMetrics
ExitWindowsEx
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LoadIconA
GetClientRect
SetActiveWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
PostMessageA
KillTimer
SetTimer
GetDlgCtrlID
IsWindow
LoadBitmapW
SetRectEmpty
GetWindowRect
SendMessageA
wsprintfA
InvalidateRect
UpdateWindow
EnableWindow
gdi32
PatBlt
GetTextExtentPoint32A
CreateFontIndirectA
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateFontA
GetCharWidthA
StretchDIBits
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBSection
DPtoLP
LPtoDP
GetMapMode
SetRectRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateRectRgnIndirect
CreateRoundRectRgn
GetRgnBox
OffsetRgn
EnumFontFamiliesExA
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetViewportOrgEx
GetWindowOrgEx
GetTextFaceA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
CreateHatchBrush
CreatePen
CreatePatternBrush
Rectangle
CreateRectRgn
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
DeleteDC
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetObjectA
BitBlt
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExW
OpenProcessToken
RegDeleteKeyValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
shell32
DragFinish
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetFolderPathA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHAppBarMessage
ExtractIconA
SHGetDesktopFolder
DragQueryFileA
comctl32
InitCommonControlsEx
ImageList_AddMasked
shlwapi
PathFindExtensionA
PathIsUNCA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindFileNameA
PathStripToRootA
uxtheme
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemePartSize
DrawThemeText
GetCurrentThemeName
IsAppThemed
DrawThemeBackground
GetThemeColor
ole32
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleTranslateAccelerator
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoGetClassObject
CreateStreamOnHGlobal
IsAccelerator
CoDisconnectObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CLSIDFromProgID
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
SysFreeString
SysAllocString
VariantChangeType
VariantInit
GetErrorInfo
VariantClear
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
ws2_32
htons
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
dxgi
CreateDXGIFactory1
Sections
.text   Size: 2.9MB  - Virtual size: 2.9MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 792KB  - Virtual size: 792KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size: 6.3MB  - Virtual size: 566.1MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.pdata  Size: 115KB  - Virtual size: 114KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
_RDATA  Size: 512B   - Virtual size: 244B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsrc   Size: 953KB  - Virtual size: 952KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc  Size: 71KB   - Virtual size: 71KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ