3d9a9138112abed64ea652328226110e2c4b17e665251b9c3b764d5e0d254007

Sharing

Copy URL

Twitter E-mail

General

Target

3d9a9138112abed64ea652328226110e2c4b17e665251b9c3b764d5e0d254007
Size

3.5MB
MD5

24883d8c87e9f1c5e98cf3ae4e585fd9
SHA1

7d3223beeef6e5aeef33f075d2a25c41e3eed6b4
SHA256

3d9a9138112abed64ea652328226110e2c4b17e665251b9c3b764d5e0d254007
SHA512

09b5dcb24d3bc43c12b562701fb79b0016ecffa026ebd231c28bb5b287a20daca57cc0ec32b75ef9796bd5a0854766fc53285b37654ac386e17c5ee9312bb9c1
SSDEEP

98304:Ll9yMWMnJ5E3veEVDLPM48PPMxYnaGDqDLCZOp8bOpEJPxI:LlYMxnw3veh4C+i7ypEJPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d9a9138112abed64ea652328226110e2c4b17e665251b9c3b764d5e0d254007

Files

3d9a9138112abed64ea652328226110e2c4b17e665251b9c3b764d5e0d254007
.exe windows:6 windows x86 arch:x86

6e65a96f965c46435e4c413040e2df79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Proyectos\FileMenu Tools\Programa\FileMenuTools.pdb

Imports

kernel32

SetStdHandle
VirtualQuery
GetCommandLineW
GetCommandLineA
SetEnvironmentVariableW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
lstrlenA
GetExitCodeProcess
HeapQueryInformation
SetConsoleCtrlHandler
GetStringTypeW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
GetFileType
QueryPerformanceFrequency
GetStdHandle
DebugBreak
LCMapStringW
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SearchPathW
SetErrorMode
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalFlags
GetFileSizeEx
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
VirtualProtect
VerifyVersionInfoW
VerSetConditionMask
MoveFileW
lstrcmpiW
GetCurrentProcess
ExitProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFileSize
FlushFileBuffers
GlobalGetAtomNameW
CompareStringA
GetCurrentThread
FileTimeToLocalFileTime
GetProfileIntW
GetTickCount64
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
EncodePointer
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
GlobalSize
GetSystemInfo
InitializeCriticalSection
ResumeThread
SetThreadPriority
CreateThread
GetPrivateProfileIntW
lstrcmpA
GetPrivateProfileStringW
LocalAlloc
Sleep
SetFilePointer
ReadFile
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WritePrivateProfileStringW
IsBadStringPtrW
FindResourceExW
WriteFile
LoadLibraryExW
WinExec
GetTickCount
RaiseException
SetLastError
GetFullPathNameW
GetFileAttributesExW
GetUserDefaultLangID
FreeEnvironmentStringsW
GetEnvironmentStringsW
MulDiv
OpenProcess
GetCurrentProcessId
GetVersionExW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetVolumeLabelW
lstrcpyW
lstrcmpW
GetModuleFileNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetVolumeInformationW
GetTempFileNameW
GetLogicalDriveStringsW
GetFileTime
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceW
FindNextFileW
FindFirstFileW
GetProcAddress
FindClose
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ExpandEnvironmentStringsW
EnumResourceNamesW
GetModuleHandleW
FreeLibrary
SuspendThread
TerminateThread
GetCurrentThreadId
CreateEventW
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
CopyFileW
lstrlenW
FormatMessageW
LocalFree
GlobalLock
GlobalUnlock
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
CreateProcessW
OpenEventW
CreateMutexW
WaitForSingleObject
ReleaseMutex
SetEvent
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
CloseHandle
DeleteFileW
GlobalFree
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetCPInfo

user32

IsZoomed
CloseWindow
ShowCaret
HideCaret
MapVirtualKeyW
IsRectEmpty
ShowScrollBar
RegisterClipboardFormatW
IntersectRect
GetMessagePos
TranslateMessage
GetCapture
DispatchMessageW
GetMessageW
mouse_event
SetParent
EqualRect
SetRectEmpty
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
SetWindowRgn
AdjustWindowRectEx
IsMenu
GetScrollInfo
GetClassLongW
MapWindowPoints
GetWindowRgn
RegisterWindowMessageW
GetWindow
GetClassNameW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetDlgCtrlID
wsprintfW
SetDlgItemTextW
IsDlgButtonChecked
CharNextW
SendMessageW
PostMessageW
CreateIconIndirect
WinHelpW
GetLastActivePopup
SetForegroundWindow
DestroyWindow
CreateWindowExW
DrawEdge
LoadStringW
GetParent
OffsetRect
FrameRect
GetDCEx
ClientToScreen
DrawStateW
TrackPopupMenuEx
GetSubMenu
DestroyMenu
LoadMenuW
GetActiveWindow
GetNextDlgTabItem
IsWindowEnabled
LoadCursorW
FillRect
SetCursor
IsWindowVisible
GetMonitorInfoW
MonitorFromWindow
SetMenuItemBitmaps
InflateRect
GetMenuCheckMarkDimensions
GetMessageTime
RegisterClassW
GetClassInfoW
GetClassInfoExW
GetWindowPlacement
SetWindowPlacement
IsIconic
SetMenu
TrackPopupMenu
ValidateRect
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetPropW
RemovePropW
MessageBoxW
LockWindowUpdate
CopyRect
DrawFocusRect
MessageBeep
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
EndPaint
BeginPaint
DrawTextW
EnableMenuItem
GetSystemMenu
GetSystemMetrics
KillTimer
SetTimer
SetFocus
GetDialogBaseUnits
CheckDlgButton
EndDialog
DialogBoxIndirectParamW
InvertRect
GetMenuDefaultItem
DestroyAcceleratorTable
IsClipboardFormatAvailable
DrawTextExW
GrayStringW
TabbedTextOutW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetClipboardData
SetCursorPos
GetKeyboardLayout
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
CreateAcceleratorTableW
CopyAcceleratorTableW
SetActiveWindow
GetSysColorBrush
CreatePopupMenu
GetMenu
GetMenuState
UnionRect
DrawFrameControl
BringWindowToTop
AppendMenuW
DeleteMenu
CheckMenuItem
CharToOemBuffA
OemToCharBuffA
GetMenuStringW
InsertMenuW
WindowFromPoint
RemoveMenu
EnableWindow
GetDlgItem
GetWindowRect
GetCursorPos
ScreenToClient
GetKeyState
SetCapture
ReleaseCapture
RedrawWindow
PtInRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
UpdateWindow
GetForegroundWindow
GetDesktopWindow
LoadIconW
GetFocus
GetWindowLongW
SetWindowLongW
IsWindow
InvalidateRect
DrawIconEx
GetSysColor
UnregisterClassW
PeekMessageW
PostThreadMessageW
PostQuitMessage
GetDC
ReleaseDC
SetRect
LoadBitmapW
DestroyIcon
CreateIconFromResourceEx
LoadImageW
CopyIcon
GetIconInfo
MonitorFromPoint
DefWindowProcW
CallWindowProcW
ShowWindow
MoveWindow
SetWindowPos
IsDialogMessageW
SendDlgItemMessageA
GetWindowDC
CreateDialogIndirectParamW
GetWindowThreadProcessId
GetTopWindow
SetScrollInfo
SystemParametersInfoW
ShowOwnedPopups
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CharUpperW
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawIcon
GetAsyncKeyState
MapDialogRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
NotifyWinEvent
RealChildWindowFromPoint
CopyImage
TrackMouseEvent
ModifyMenuW
WaitMessage
ToUnicodeEx
GetKeyboardState
EnumChildWindows
SetClassLongW
GetNextDlgGroupItem
GetComboBoxInfo
CreateMenu
GetDoubleClickTime
GetUpdateRect
SubtractRect
SetMenuDefaultItem
UpdateLayeredWindow
CharUpperBuffW
EnableScrollBar
DestroyCursor

gdi32

PtVisible
RectVisible
Rectangle
GetMapMode
StretchDIBits
Polyline
GetTextAlign
Ellipse
ExtFloodFill
GetBkColor
GetRgnBox
CopyMetaFileW
CreateHatchBrush
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
Escape
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
EnumFontFamiliesW
DPtoLP
CreateEllipticRgn
LPtoDP
GetCharWidthW
RealizePalette
SetDIBColorTable
CreateRoundRectRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
SetPaletteEntries
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
Polygon
GetTextCharsetInfo
EnumFontFamiliesExW
CreateFontW
SetPixel
SetDIBits
GetViewportOrgEx
PatBlt
CreatePolygonRgn
GetPixel
SetRectRgn
OffsetRgn
GetWindowOrgEx
FillRgn
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
TextOutW
MoveToEx
GetTextMetricsW
SetTextJustification
LineTo
GetTextExtentPoint32W
GetCurrentObject
BitBlt
ExtTextOutW
SetTextColor
SetBkMode
SetBkColor
RoundRect
CreatePen
CreateFontIndirectW
CreateDCW
StretchBlt
GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
CreateDIBSection
SelectObject
GetDIBits
CreateCompatibleDC
CreateBitmap
DeleteObject
GetStockObject
GetTextColor
DeleteDC
CreatePatternBrush
CreateSolidBrush

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

CryptVerifySignatureW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueW
CryptAcquireContextW
CryptImportKey
CryptDestroyKey
CryptDestroyHash
SetNamedSecurityInfoW
CryptCreateHash
CryptHashData

shell32

SHGetSpecialFolderLocation
DragFinish
SHGetSpecialFolderPathW
DuplicateIcon
ExtractIconW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHFileOperationW
SHGetFileInfoW
ExtractIconExW
ShellExecuteW
DragQueryFileW
ShellExecuteExW
SHAppBarMessage

comctl32

ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragMove
ord17
ord345
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Create
ImageList_Add
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_GetIconSize

shlwapi

UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathSkipRootW
PathRemoveFileSpecW
PathRemoveArgsW
PathRelativePathToW
PathParseIconLocationW
PathMakePrettyW
PathFindFileNameW
PathFindExtensionW
PathCanonicalizeW
StrFormatKBSizeW

uxtheme

OpenThemeData
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
CloseThemeData
GetThemePartSize
IsAppThemed
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor

ole32

DoDragDrop
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleFlushClipboard
CoDisconnectObject
CoFreeUnusedLibraries
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
CoInitializeEx
OleRun
OleUninitialize
OleInitialize
CoCreateInstance
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator

oleaut32

VariantCopy
SystemTimeToVariantTime
VariantChangeType
VarBstrFromDate
LoadTypeLi
VarDateFromStr
SysFreeString
VariantInit
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
SysAllocString
SysStringLen

oledlg

OleUIBusyW
OleUIAddVerbMenuW

gdiplus

GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdiplusShutdown
GdipGetImagePixelFormat
GdipCreateFromHDC
GdipAlloc
GdipFree
GdiplusStartup
GdipGetImageHeight

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

rpcrt4

UuidToStringA
RpcStringFreeA

winmm

PlaySoundW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

wininet

HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e65a96f965c46435e4c413040e2df79

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

rpcrt4

winmm

oleacc

wininet

imm32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 527KB - Virtual size: 526KB

.data Size: 44KB - Virtual size: 64KB

.rsrc Size: 418KB - Virtual size: 417KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 527KB - Virtual size: 526KB

.data
Size: 44KB - Virtual size: 64KB

.rsrc
Size: 418KB - Virtual size: 417KB