D:\opencv\微软插件\LDVpn-Login\Release\LDVpn.pdb
Static task: static1
Behavioral task: behavioral1
Sample: cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1.exe
Resource: win10v2004-20240226-en
General
Target: cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1
Size: 9.5MB
MD5: 2f2e4d0dfd6c2f984d691ef0aab194f8
SHA1: 5109703fbff9710723f3f079030f66cb042c33ba
SHA256: cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1
SHA512: 1166d5535b53a71d9b175af85776368ccb9591d51318b3e3f54555b8c64e474447f716c0ecafdb7373c647167d2757e04b2f755bf5e88e7dfa7a0897a8598e4c
SSDEEP: 98304:I86brsWlbQik86QxNHb1kS6IQrzRk6OqagzCJFLOAkGkzdnEVomFHKnP:Itrs+Z1xNnFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1
Files
cc02d0809100271ea782650ffaf80cac5076ed44ea52ff10f7a5aea90a442bb1.exe windows:5 windows x86 arch:x86
2eadd53cc5899d89db32e5b3976f841f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetLastError
FormatMessageW
GetCurrentThreadId
lstrcmpW
GetProcAddress
lstrcmpiW
GetVersion
MulDiv
CreateFileW
WriteFile
CloseHandle
GetCurrentProcessId
WaitNamedPipeW
SetNamedPipeHandleState
CreateMutexW
OutputDebugStringW
HeapFree
GetProcessHeap
HeapAlloc
FindResourceW
GetCurrentProcess
InitializeCriticalSection
SetUnhandledExceptionFilter
lstrcpyW
Sleep
CreateEventW
ResetEvent
CreateThread
ReadFile
FlushFileBuffers
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
WinExec
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
OpenProcess
VirtualAllocEx
LoadResource
LockResource
GetModuleFileNameW
OpenEventW
FileTimeToLocalFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
DeleteFileW
MoveFileW
SetEnvironmentVariableA
lstrlenA
HeapQueryInformation
HeapSize
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetStringTypeW
WaitForSingleObjectEx
ReadConsoleW
GetConsoleMode
SetFilePointerEx
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
VirtualQuery
VirtualAlloc
SetStdHandle
GetModuleFileNameA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
WriteConsoleW
GetFileType
GetStdHandle
ExitThread
GetSystemInfo
HeapValidate
AreFileApisANSI
IsProcessorFeaturePresent
GetModuleHandleExW
GetCommandLineW
GetWindowsDirectoryW
SearchPathW
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetTempFileNameW
FindResourceExW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
VirtualProtect
GetProfileIntW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
GlobalFindAtomW
GetSystemDirectoryW
DecodePointer
EncodePointer
SetThreadPriority
GlobalAddAtomW
SuspendThread
GetAtomNameW
GlobalGetAtomNameW
SetErrorMode
GetPrivateProfileIntW
lstrcmpA
GlobalDeleteAtom
InterlockedExchange
GetThreadLocale
LoadLibraryW
LoadLibraryA
GetModuleHandleW
GetModuleHandleA
GetHandleInformation
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
GetFileAttributesW
FindFirstFileW
FindClose
LocalAlloc
LoadLibraryExW
FreeLibrary
CopyFileW
LocalFree
GlobalSize
GetThreadTimes
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
GetLocalTime
GetUserDefaultLangID
GetSystemDefaultLCID
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
CreateDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
InterlockedIncrement
InterlockedDecrement
SetEvent
WaitForSingleObject
FreeResource
ResumeThread
GlobalFree
DebugBreak
IsDebuggerPresent
SizeofResource
user32
GetAsyncKeyState
ReleaseCapture
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetScrollInfo
GetClassLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ScrollWindow
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
SendDlgItemMessageA
NotifyWinEvent
LoadCursorW
SetParent
MapWindowPoints
HideCaret
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
WaitMessage
GetSystemMenu
DrawMenuBar
SetCapture
GetClipboardFormatNameW
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageW
ValidateRect
GetKeyState
DispatchMessageW
TranslateMessage
GetMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
InvertRect
FrameRect
DrawFocusRect
DrawStateW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
UnregisterClassW
GetWindowLongW
GetClassNameW
CallNextHookEx
SetWindowsHookExW
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
DeleteMenu
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
DrawFrameControl
DrawEdge
MapVirtualKeyW
GetKeyNameTextW
SetActiveWindow
GetActiveWindow
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetLastActivePopup
MessageBoxW
EnableWindow
DrawIconEx
GetSysColorBrush
RegisterWindowMessageW
SetWindowContextHelpId
SetWindowPos
CopyImage
RealChildWindowFromPoint
LoadAcceleratorsW
DestroyMenu
CharNextW
CopyAcceleratorTableW
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
MonitorFromPoint
DestroyIcon
TrackMouseEvent
SetCursorPos
GetDoubleClickTime
GetIconInfo
CopyIcon
CharUpperW
GetDesktopWindow
DestroyAcceleratorTable
SetClassLongW
TranslateAcceleratorW
UnpackDDElParam
ReuseDDElParam
UpdateLayeredWindow
GetClipboardFormatNameA
SubtractRect
UnionRect
IntersectRect
UnhookWindowsHookEx
KillTimer
GetTopWindow
GetWindow
GetParent
SetTimer
GetCapture
GetCursorPos
WindowFromPoint
DefWindowProcW
GetWindowRect
OffsetRect
GetWindowDC
ClientToScreen
InflateRect
RegisterClipboardFormatW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
CharUpperBuffW
IsRectEmpty
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
ReleaseDC
SetWindowLongW
CallWindowProcW
IsWindowEnabled
GetSystemMetrics
GetScrollInfo
GetFocus
SendMessageW
GetDC
GetSysColor
GetClientRect
ScreenToClient
PtInRect
SetRectEmpty
SetRect
PostMessageW
LoadIconW
ExitWindowsEx
IsZoomed
GetMessagePos
SystemParametersInfoW
EmptyClipboard
SetClipboardData
CloseClipboard
FindWindowW
FindWindowExW
GetWindowThreadProcessId
FillRect
CopyRect
DestroyCursor
LoadImageW
SetCursor
IsMenu
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindow
TabbedTextOutW
MapDialogRect
PeekMessageW
PostQuitMessage
gdi32
MoveToEx
SelectObject
CreatePen
SetPixel
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetMapMode
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32W
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SetPaletteEntries
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsW
LineTo
GetObjectW
TextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceW
SetTextColor
ExcludeClipRect
GetClipBox
IntersectClipRect
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBSection
SetDIBColorTable
EnumFontFamiliesExW
GetSystemPaletteEntries
DeleteObject
SetBkColor
ExtTextOutW
GetStockObject
CreateSolidBrush
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CopyMetaFileW
CreateDCW
CombineRgn
CreateBitmap
CreateEllipticRgn
CreateFontIndirectW
CreateHatchBrush
CreatePalette
CreatePatternBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
ChangeServiceConfigW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
StartServiceW
RegOpenKeyW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExW
SetThreadToken
OpenThreadToken
RevertToSelf
shell32
DragFinish
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
SHGetDesktopFolder
Shell_NotifyIconW
DragQueryFileW
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathFileExistsW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemeColor
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CLSIDFromString
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoInitialize
StringFromGUID2
IsAccelerator
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoRevokeClassObject
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
CoCreateInstance
CoRegisterMessageFilter
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VarBstrFromDate
OleLoadPicture
SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
VariantCopy
SafeArrayDestroy
oledlg
OleUIBusyW
gdiplus
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipGetImageWidth
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
rasapi32
RasHangUpW
RasDeleteEntryW
RasGetErrorStringW
RasSetEntryPropertiesW
RasGetConnectStatusW
RasSetEntryDialParamsW
RasSetCredentialsW
RasGetEapUserDataW
RasGetEapUserIdentityW
RasSetEapUserDataW
RasFreeEapUserIdentityW
RasDialW
RasSetCustomAuthDataW
RasEnumConnectionsW
ws2_32
WSACleanup
gethostbyname
gethostname
WSAStartup
inet_ntoa
ntohs
recvfrom
sendto
inet_addr
htons
setsockopt
socket
dbghelp
MiniDumpWriteDump
iphlpapi
GetAdaptersInfo
CreateIpForwardEntry
DeleteIpForwardEntry
GetIpForwardTable
wininet
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetOpenW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionExW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetConnectW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 898KB - Virtual size: 898KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 945KB - Virtual size: 945KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ