SecuriteInfo[.]com[.]W32[.]Bredolab[.]O[.]gen[.]Eldorado[.]6984[.]5784[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Bredolab.O.gen.Eldorado.6984.5784.exe
Size

14.1MB
MD5

1faa8b92b51b09c16a5f1368ee87c9ba
SHA1

25327fab81a252d1917b44b2e3ed4024ccde9e55
SHA256

b19b4aef8f8129afdd60812b12e227592ba670324e0a39316b62c329c6a9a044
SHA512

936ca5c513bd92fcad0f1172f472257f4c1122f1257b04d1fef45e7dfb95899172215462f62088ac87a058e64e3a7eda61520eefa405c872888e4253e2fe9556
SSDEEP

196608:fpwquP1rhJQxjUCqpggY5YSjRKgyt4SOT8bbMlcnDkDHe7xaFTkXf4BoBfZ/ng5V:hwqY1eOggY5hRKg+D8DHsx9QOfZ/EwK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Bredolab.O.gen.Eldorado.6984.5784.exe

Files

SecuriteInfo.com.W32.Bredolab.O.gen.Eldorado.6984.5784.exe
.exe windows:5 windows x86 arch:x86

12f29cc5ed155fb002600edffa3ed685

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
GetProfileIntW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
ReadConsoleW
GetConsoleMode
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetCPInfo
LCMapStringW
GetStringTypeW
TryEnterCriticalSection
QueryPerformanceFrequency
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTickCount
SearchPathW
FindResourceExW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSection
MulDiv
GlobalSize
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalUnlock
GetModuleHandleA
OutputDebugStringA
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadLibraryExW
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
GetFileTime
GetFileAttributesExW
SetFileTime
WriteFile
CompareFileTime
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
LocalAlloc
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
IsBadReadPtr
FreeLibrary
GetNativeSystemInfo
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
OpenProcess
GetComputerNameA
GetDriveTypeW
GlobalMemoryStatusEx
LoadLibraryW
GetSystemInfo
GlobalFree
GlobalAlloc
GetDiskFreeSpaceExW
GetFileAttributesW
CreateFileW
DeviceIoControl
CreateDirectoryW
GetCurrentProcessId
GetCurrentThreadId
CreateWaitableTimerW
CreateIoCompletionPort
TlsGetValue
VerifyVersionInfoW
SleepEx
VerSetConditionMask
QueueUserAPC
CloseHandle
TerminateThread
SetEvent
OutputDebugStringW
Sleep
CreateEventW
WaitForSingleObject
GetQueuedCompletionStatus
WaitForMultipleObjects
InterlockedCompareExchange
SetLastError
TlsSetValue
HeapFree
SetWaitableTimer
MoveFileExW
lstrcpyW
CopyFileW
SetFileAttributesW
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
FormatMessageA
TlsFree
InterlockedIncrement
WideCharToMultiByte
LocalFree
InterlockedExchangeAdd
TlsAlloc
FormatMessageW
PostQueuedCompletionStatus
InterlockedDecrement
InterlockedExchange
GetProcAddress
GetModuleHandleExW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
FindFirstFileExW

user32

SetLayeredWindowAttributes
CharUpperW
DestroyIcon
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
DeleteMenu
CopyImage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
ClientToScreen
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
EnumDisplayMonitors
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
UnregisterClassW
EnableWindow
SendMessageW
GetCursorPos
SetForegroundWindow
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetCursorPos
TrackPopupMenu
GetMenuItemCount
WindowFromPoint
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
IntersectRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
EnableScrollBar
UnionRect
MonitorFromPoint
LoadImageW
DrawEdge
DrawFrameControl
LoadAcceleratorsW
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
IsZoomed
SetCapture
ReleaseCapture
GetSystemMenu
SetWindowRgn
ScreenToClient
MessageBeep
PostQuitMessage
SetWindowLongW
LoadIconW
SetTimer
GetSubMenu
MessageBoxW
LoadMenuW
KillTimer
UpdateLayeredWindow
GetSystemMetrics
GetDC
GetWindowLongW
FindWindowW
CharNextW
GetWindowTextW
GetDesktopWindow
GetWindow
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
IsWindowEnabled
GetParent
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
SetActiveWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetComboBoxInfo
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
DrawStateW
UpdateWindow
InvalidateRect
GetClientRect
FillRect
GetClassNameW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
SetRect
SetParent
BringWindowToTop
LockWindowUpdate
GetKeyboardLayout
GetKeyboardState
IsMenu
IsChild
SetWindowPos
GetWindowPlacement
MapVirtualKeyW
GetMenuItemID
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClipboardFormatW
CharUpperBuffW
ModifyMenuW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CopyIcon
FrameRect
PostThreadMessageW
WaitMessage
GetNextDlgGroupItem
GetIconInfo
HideCaret
InvertRect
GetKeyNameTextW
DrawIcon
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
GetForegroundWindow

gdi32

CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CreateHatchBrush
CreateCompatibleBitmap
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CombineRgn
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
RealizePalette
SetPixel
GetRgnBox
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
SetTextColor
SetBkColor
GetStockObject
CreateSolidBrush
CreateBitmap
SelectObject
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
CreateCompatibleDC
StretchBlt
GetObjectW
DeleteObject
GetTextMetricsW
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
IsTextUnicode

shell32

SHBrowseForFolderW
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
ShellExecuteW
SHGetFileInfoW
ShellExecuteExW
SHChangeNotify
SHGetPathFromIDListW
SHGetSpecialFolderLocation
Shell_NotifyIconW
DragFinish

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
StrFormatKBSizeW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString
SysStringLen
VariantCopy
VarBstrFromDate
LoadTypeLi
SysAllocStringLen

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateHBITMAPFromBitmap
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdiplusStartup
GdipGetImageHeight
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdiplusShutdown

ws2_32

ntohl
WSARecv
inet_addr
__WSAFDIsSet
accept
WSAIoctl
select
shutdown
getaddrinfo
ntohs
WSAStartup
WSACleanup
WSAGetLastError
setsockopt
ioctlsocket
htons
htonl
inet_ntoa
WSASocketW
WSAStringToAddressW
WSASetLastError
listen
freeaddrinfo
WSASend
closesocket
bind
getsockopt
getsockname
getpeername
connect

mswsock

GetAcceptExSockaddrs
AcceptEx

rasapi32

RasEnumConnectionsW

iphlpapi

GetExtendedTcpTable
GetAdaptersInfo
GetBestInterfaceEx

winhttp

WinHttpCloseHandle
WinHttpCrackUrl
WinHttpSendRequest
WinHttpOpenRequest
WinHttpSetOption
WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpOpen
WinHttpConnect

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vip0
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11.7MB - Virtual size: 11.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12f29cc5ed155fb002600edffa3ed685

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

ws2_32

mswsock

rasapi32

iphlpapi

winhttp

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.vip0 Size: 401KB - Virtual size: 400KB

.data Size: 34KB - Virtual size: 76KB

.gfids Size: 107KB - Virtual size: 107KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.vmp0 Size: 7KB - Virtual size: 7KB

.reloc Size: 142KB - Virtual size: 141KB

.rsrc Size: 11.7MB - Virtual size: 11.7MB

.text
Size: 1.8MB - Virtual size: 1.8MB

.vip0
Size: 401KB - Virtual size: 400KB

.data
Size: 34KB - Virtual size: 76KB

.gfids
Size: 107KB - Virtual size: 107KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.vmp0
Size: 7KB - Virtual size: 7KB

.reloc
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 11.7MB - Virtual size: 11.7MB