6943bd741b13a07d142807d1493b2d4780e7770811e3874a0d48f1672db9f2eb

Sharing

Copy URL Twitter E-mail

General

Target

6943bd741b13a07d142807d1493b2d4780e7770811e3874a0d48f1672db9f2eb
Size

4.4MB
MD5

f728077eeba71e05e3e0009a3e259f36
SHA1

20f1d46f3a9af87b3e9a4ee60b938da083e09089
SHA256

6943bd741b13a07d142807d1493b2d4780e7770811e3874a0d48f1672db9f2eb
SHA512

43908fca86e61faeb5e6b610f4d66be63e6893466c22c693235939c26461620d82c80571907723f8c4d356df3867ae0f08eddb986c96b469fe0bec46c4fe405d
SSDEEP

98304:p33xEvKBGS1cAycBEFU00uQIQJWKGes8SGGpdAsFLOAkGkzdnEVomFHKnP:p33xQDS17uU3s8SGI9FLOyomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6943bd741b13a07d142807d1493b2d4780e7770811e3874a0d48f1672db9f2eb

Files

6943bd741b13a07d142807d1493b2d4780e7770811e3874a0d48f1672db9f2eb
.exe windows:6 windows x86 arch:x86

e4d229dd83071d9d4efbc068b1685769

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\WinClient\SDP-QT\tools\sdp-pkg-maker\Bin\Release\sdp-uninstaller.pdb

Imports

kernel32

VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
VirtualQuery
GetStdHandle
TerminateThread
GetCPInfo
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
GetTimeZoneInformation
GetFileType
SetFilePointerEx
QueryPerformanceFrequency
GetExitCodeThread
GetStringTypeW
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SetStdHandle
ExitProcess
GetDateFormatW
GetTimeFormatW
GetConsoleOutputCP
GetConsoleMode
LCMapStringW
IsValidLocale
ReadConsoleW
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
FindResourceExW
SearchPathW
GetProfileIntW
GetUserDefaultLCID
EnumSystemLocalesW
GetTickCount
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
VirtualProtect
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalFlags
GetThreadLocale
SystemTimeToFileTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
VerSetConditionMask
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
LoadLibraryA
lstrcpyW
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetVersionExW
GetCurrentThread
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetProcAddress
FileTimeToLocalFileTime
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
OpenEventW
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
Sleep
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
CopyFileW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
GetModuleFileNameW
GetNativeSystemInfo
GetWindowsDirectoryW
OpenProcess
CreateProcessW
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
WaitForSingleObject
GetLastError
CloseHandle
OutputDebugStringW
GetTempPathW
RemoveDirectoryW
GetTempFileNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetEnvironmentVariableW

user32

CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
AdjustWindowRectEx
IsDialogMessageW
CreateDialogIndirectParamW
InvertRect
HideCaret
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
EndDialog
GetNextDlgTabItem
GetDesktopWindow
InvalidateRect
RealChildWindowFromPoint
CopyImage
DeleteMenu
SetTimer
KillTimer
DestroyIcon
CharUpperW
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetWindowPlacement
GetWindowPlacement
SetRect
IntersectRect
GetNextDlgGroupItem
MessageBeep
ToUnicodeEx
GetKeyboardLayout
GetAsyncKeyState
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
DestroyCursor
GetComboBoxInfo
PostQuitMessage
FindWindowW
GetClipboardData
RegisterClassExW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetQueueStatus
UnregisterClassW
SendMessageW
IsIconic
EnableWindow
GetSystemMetrics
GetSystemMenu
AppendMenuW
DrawIcon
GetClientRect
LoadIconW
SetWindowTextW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
DefWindowProcW
GetClassInfoW
SetLayeredWindowAttributes
MapWindowPoints
GetSysColor
GetSysColorBrush
SetRectEmpty
CopyRect
LoadCursorW
SystemParametersInfoW
GetMonitorInfoW
EnumDisplayMonitors
RegisterWindowMessageW
DrawEdge
DrawFrameControl
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
CreateAcceleratorTableW
DestroyAcceleratorTable
TrackMouseEvent
IsZoomed
LoadMenuW
NotifyWinEvent
SetCursorPos
SetParent
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
MonitorFromPoint
UnionRect
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
GetUpdateRect
SendDlgItemMessageA
UpdateLayeredWindow
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
DestroyMenu
GetMenuItemInfoW
CreateMenu
PostThreadMessageW
MonitorFromRect
SubtractRect
GetMessagePos
GetMessageTime
IsClipboardFormatAvailable
TranslateMDISysAccel
CallWindowProcW
RegisterClassW
GetClassInfoExW
IsChild
DefMDIChildProcW
CreateWindowExW
IsWindow
IsMenu
DestroyWindow

gdi32

CreatePolygonRgn
Polygon
Polyline
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
PatBlt
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetRgnBox
CreateRoundRectRgn
CreateDIBSection
GetMapMode
SetRectRgn
DPtoLP
GetDIBits
RealizePalette
SetPixel
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetTextExtentPoint32W
DeleteDC
CopyMetaFileW
CreateDCW
GetDeviceCaps
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
EnumFontFamiliesW
GetObjectA
AddFontResourceExW
AddFontMemResourceEx
GetStockObject
GetTextCharsetInfo
GetTextMetricsW
GetObjectW
CombineRgn
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
Ellipse
GetBkColor
ExtTextOutW
SetViewportOrgEx
StretchBlt
GetTextColor

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

DeleteService
AdjustTokenPrivileges
GetTokenInformation
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
OpenServiceW
OpenSCManagerW
OpenProcessToken
ControlService
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW

shell32

SHFileOperationW
ShellExecuteExW
SHGetFolderPathW
SHGetKnownFolderPath
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHAppBarMessage
ShellExecuteW
DragFinish
DragQueryFileW

comctl32

ord17
InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathIsRelativeW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
GetThemeSysColor
DrawThemeText
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground

ole32

CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitializeEx
CoInitialize
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize

oleaut32

SafeArrayCreateVector
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VariantInit
VariantClear
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayDestroy
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi

oledlg

OleUIBusyW

gdiplus

GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipImageGetFrameDimensionsCount
GdipSetSmoothingMode
GdipCreatePen1
GdipDeletePen
GdipDrawArc
GdipCreateLineBrushFromRect
GdipSetLineBlend
GdipCreatePen2
GdipDrawImageRect
GdipImageRotateFlip
GdipLoadImageFromFile
GdipClonePen
GdipSetPenWidth
GdipGetPenWidth
GdipSetPenColor
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipCreateTexture
GdipCreatePath
GdipClonePath
GdipResetPath
GdipSetPathFillMode
GdipGetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathLine2I
GdipAddPathBezierI
GdipAddPathCurveI
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathPieI
GdipAddPathPolygonI
GdipGetPathWorldBoundsI
GdipIsVisiblePathPointI
GdipIsOutlineVisiblePathPointI
GdipCreateMatrix
GdipDeletePath
GdipCreateBitmapFromFile
GdipDrawLineI
GdipDrawBezierI
GdipRotateMatrix
GdipDrawPath
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDeleteFontFamily
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipGetFontStyle
GdipFillPath
GdipDrawString
GdipDrawEllipseI
GdipFillEllipseI
GdipAddPathArc
GdipAddPathLine
GdipCreatePathGradientFromPath
GdipSetPathGradientWrapMode
GdipSetPathGradientPresetBlend
GdipCreateRegionPath
GdipDeleteRegion
GdipSetClipRegion
GdipCreateEffect
GdipDeleteEffect
GdipSetEffectParameters
GdipBitmapApplyEffect
GdipScaleMatrix
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectRect
GdipDrawImage
GdipFillRectangle
GdipSetWorldTransform
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipTranslateMatrix
GdipGetWorldTransform
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawRectangleI
GdipDeleteMatrix
GdipDrawImageI
GdipTransformPath
GdipMeasureString

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmSetOpenStatus
ImmSetCompositionWindow
ImmGetContext

winmm

PlaySoundW
timeKillEvent
timeSetEvent
timeGetTime

rpcrt4

UuidCreate

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

uiautomationcore

UiaReturnRawElementProvider
UiaClientsAreListening
UiaHostProviderFromHwnd
UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4d229dd83071d9d4efbc068b1685769

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

imm32

winmm

rpcrt4

oleacc

uiautomationcore

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 472KB - Virtual size: 472KB

.data Size: 42KB - Virtual size: 61KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 177KB - Virtual size: 176KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 472KB - Virtual size: 472KB

.data
Size: 42KB - Virtual size: 61KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 177KB - Virtual size: 176KB