d:\ButtonManager2\Output\Release\B2.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c.exe
Resource: win10v2004-20240226-en
General
Target: 8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c
Size: 1.7MB
MD5: 2a30edb0c1186f5e65952f1d61522def
SHA1: 7ccdf2f6dd8f27d688625f2c28e5e654a6e28812
SHA256: 8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c
SHA512: 1c35a3edd5a07d09789dd3f14ecad31d9eacb5c874f85bcfaadf3e125c268ac2b2be4d26285989d55c6e3a26f04780002437e41832eebdaa88aa31e08f759ddb
SSDEEP: 49152:7RxOzVV2wblo3IEjHR6lhpZNXXXXXXXXXXuV5CShn:qPZREjHRUfNXXXXXXXXXXuV
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c
Files
8aed8c3716d573c06b8b8d4e9cf741c73017d8c453e6f6130d2fce73eaf70b9c.exe windows:5 windows x86 arch:x86
157db5b19b998f9aa9a14080d250b798
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
FindResourceExW
ExitProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GlobalReAlloc
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
LCMapStringA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetModuleHandleA
GetCurrentProcessId
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
FreeResource
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
InterlockedExchange
lstrcmpW
GlobalLock
GlobalUnlock
GetTickCount
GetFileSize
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
WriteFile
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
SystemTimeToFileTime
SetFilePointer
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThread
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
GetSystemInfo
VerifyVersionInfoW
VerSetConditionMask
GetExitCodeProcess
GetStartupInfoW
CreatePipe
GetTempFileNameW
GetTempPathW
GetSystemDirectoryW
WinExec
CreateFileA
GlobalAlloc
DeviceIoControl
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
OpenProcess
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcess
GetVersionExW
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
GetComputerNameExW
GetWindowsDirectoryW
CreateProcessW
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
FindFirstFileW
MulDiv
InterlockedDecrement
SetFileAttributesW
GetFileAttributesW
CloseHandle
CreateFileW
RemoveDirectoryW
LocalFree
FormatMessageW
GetLocaleInfoW
lstrcpynW
ExpandEnvironmentStringsW
GlobalFree
SetEnvironmentVariableW
GetSystemDefaultLangID
CreateDirectoryW
MoveFileW
GetDriveTypeW
lstrlenA
GetEnvironmentVariableW
MultiByteToWideChar
WaitForSingleObject
WideCharToMultiByte
GetPrivateProfileIntW
SetUnhandledExceptionFilter
CopyFileW
Sleep
GetLocalTime
GetPrivateProfileStringW
WritePrivateProfileStringW
DeleteFileW
GetCommandLineW
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
GetModuleFileNameW
lstrlenW
FindResourceW
LoadResource
LockResource
GetStartupInfoA
SizeofResource
user32
GetAsyncKeyState
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemInt
GetDlgItemInt
RegisterClipboardFormatW
IsClipboardFormatAvailable
EndPaint
BeginPaint
GetWindowDC
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetMessageW
TranslateMessage
ValidateRect
CreateDialogIndirectParamW
EndDialog
CharUpperW
SetWindowContextHelpId
MapDialogRect
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
DestroyWindow
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetMenu
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
GetSysColorBrush
DefWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetFocus
CreateWindowExW
GetCapture
GetComboBoxInfo
IsWindow
LoadBitmapW
ScreenToClient
GetMessagePos
GrayStringW
MessageBoxW
GetClassInfoW
FindWindowW
PostMessageW
DrawTextExW
TabbedTextOutW
EqualRect
UpdateWindow
EnumWindows
GetWindowTextW
GetClassNameW
GetWindowThreadProcessId
UnregisterHotKey
RegisterHotKey
SetParent
SetScrollRange
ReleaseCapture
SetCapture
SetScrollPos
GetScrollPos
GetScrollRange
InflateRect
DrawEdge
LoadCursorW
ClipCursor
SetCursorPos
SetLayeredWindowAttributes
DrawFocusRect
DrawTextW
DrawFrameControl
SetWindowLongW
CallWindowProcW
CallWindowProcA
FrameRect
ReleaseDC
CreateIconIndirect
GetIconInfo
FillRect
DrawStateW
DrawIconEx
CopyRect
GetNextDlgGroupItem
UnregisterClassW
CharNextW
IsRectEmpty
SetRect
CopyAcceleratorTableW
InvalidateRgn
TrackPopupMenuEx
GetActiveWindow
WindowFromPoint
PostThreadMessageW
SendMessageW
MessageBeep
GetDlgCtrlID
LoadImageW
LoadIconW
GetSystemMetrics
SetClipboardViewer
IsIconic
GetClientRect
DrawIcon
GetDC
SetWindowRgn
SystemParametersInfoW
LoadMenuW
GetSubMenu
GetCursorPos
ModifyMenuW
DeleteMenu
AppendMenuW
RemoveMenu
SetForegroundWindow
IsWindowVisible
SetTimer
GetWindowRect
GetSysColor
OffsetRect
KillTimer
RegisterWindowMessageW
GetKeyState
DestroyIcon
SetWindowPos
PtInRect
SendInput
GetWindowLongW
GetDesktopWindow
GetWindow
GetTopWindow
GetParent
FindWindowExW
EnableWindow
DestroyCursor
DestroyMenu
GetNextDlgTabItem
ClientToScreen
InvalidateRect
SetCursor
IsWindowEnabled
gdi32
GetRgnBox
EnumFontFamiliesExW
GetMapMode
CreateRectRgnIndirect
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
MoveToEx
BeginPath
SetMapMode
SetROP2
RestoreDC
SaveDC
GetClipBox
GetBkColor
GetTextColor
Escape
TextOutW
RectVisible
PtVisible
CreateSolidBrush
ExtCreatePen
GetDeviceCaps
ExtTextOutW
GetTextMetricsW
Rectangle
CreatePen
SetPixel
GetPixel
CreateFontIndirectW
GetObjectW
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
DeleteObject
GetTextExtentPoint32W
CreateFontW
PathToRegion
EndPath
SetBkMode
LineTo
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
GetNamedSecurityInfoW
RegOpenKeyW
GetUserNameW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
shell32
CommandLineToArgvW
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetFolderPathW
DragQueryFileW
SHFileOperationW
ShellExecuteExW
DragFinish
SHGetSpecialFolderLocation
SHGetMalloc
ord155
SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
oledlg
OleUIBusyW
ole32
CreateILockBytesOnHGlobal
CoCreateInstance
CoUninitialize
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
CoTaskMemFree
CLSIDFromString
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CoGetClassObject
CoTaskMemAlloc
CoInitialize
StgOpenStorageOnILockBytes
oleaut32
VarDateFromStr
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SysAllocStringByteLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysStringByteLen
SysFreeString
SysAllocString
sti
StiCreateInstanceW
netapi32
NetApiBufferFree
NetWkstaGetInfo
gdiplus
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageType
GdipCloneImage
GdipDrawImageRectI
GdipGraphicsClear
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
winmm
sndPlaySoundW
PlaySoundW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
WSACleanup
freeaddrinfo
getnameinfo
inet_ntoa
getaddrinfo
gethostbyname
gethostname
WSAStartup
imagehlp
MakeSureDirectoryPathExists
Sections
.text Size: 924KB - Virtual size: 924KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 208KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 469KB - Virtual size: 469KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ