c:\Work_Data\SW_ICE_Build\7623\WinApp\ICPTool\Unicode_Release\ICPTool.pdb
Static task
static1
Behavioral task
behavioral1
Sample
f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9.exe
Resource
win10v2004-20240226-en
General
Target: f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9
Size: 8.3MB
MD5: 12e863ccdeff3a1bc00faa6bef6c0070
SHA1: 9c4e704b4e30e077cc131789d426c82240154504
SHA256: f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9
SHA512: bc196d350984993a1ab91915d34e63dc98393e819b78f1a452da400f8cc5a114c6d549e90cc290a75486cfd0096a395d031877ec4c19382d691cad072a1c72bc
SSDEEP: 98304:F5S/jPm7xTFzbzT8xZ8OulEIjiBISekxMbzN5GmGWucVjJu67Jd2GxN+n7jRx5:a/MxTFzPcZluldjiBIS/xMfnF+n3X
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9
Files
f9ad8549a96a3260ae90497e211a5fc33d41341f53ea957e4c52f5734544eda9.exe windows:5 windows x86 arch:x86
b9ab23d2a4be93e7dcb37a14c2496ce3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
dbghelp
MiniDumpWriteDump
kernel32
GetDiskFreeSpaceW
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetConsoleCP
GetConsoleMode
GetDriveTypeW
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
ExitProcess
GetTimeFormatA
GetDateFormatA
CreateProcessA
CreateProcessW
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetStdHandle
ExitThread
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FatalAppExitA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
LCMapStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
SetConsoleCtrlHandler
LCMapStringA
GetTempFileNameW
GetFileTime
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
CreatePipe
GetExitCodeProcess
GetProcessHeap
SetEnvironmentVariableA
SetEnvironmentVariableW
GetDriveTypeA
GetFullPathNameA
CloseHandle
WriteFile
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
WaitForSingleObject
ReleaseMutex
ResumeThread
Sleep
GetTickCount
ReleaseSemaphore
CreateSemaphoreW
GetProcAddress
LoadLibraryW
CreateMutexW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetLastError
lstrlenW
GetVersionExW
GetPrivateProfileStringW
GetFileAttributesW
GlobalUnlock
GlobalLock
CopyFileW
GetCurrentThreadId
FreeLibrary
GlobalAlloc
lstrcpyW
WinExec
lstrcatW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
FlushViewOfFile
GetCurrentProcess
GetCurrentProcessId
LocalLock
LocalUnlock
WritePrivateProfileStringW
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
GetAtomNameW
GlobalGetAtomNameW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
GetPrivateProfileIntW
InterlockedCompareExchange
QueryPerformanceFrequency
GetThreadTimes
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
SuspendThread
SetEvent
GetTempPathW
SetThreadPriority
GetModuleHandleA
InterlockedDecrement
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
SetLastError
GlobalFree
GlobalSize
FormatMessageW
EscapeCommFunction
SetupComm
SetCommTimeouts
GetCommState
SetCommState
PurgeComm
LocalAlloc
LocalFree
FlushFileBuffers
CreateEventW
ReadFile
WaitForMultipleObjects
ResetEvent
GetOverlappedResult
CancelIo
lstrcmpiW
GetWindowsDirectoryW
MulDiv
LoadLibraryExW
GetFileAttributesA
GetSystemDefaultLangID
RaiseException
GetUserDefaultLCID
user32
PostQuitMessage
CharUpperW
GetWindowThreadProcessId
GetMessageW
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
MapVirtualKeyW
GetKeyNameTextW
DestroyMenu
GetMenuItemInfoW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ScrollWindowEx
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
ShowOwnedPopups
TrackPopupMenuEx
SetParent
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
CallWindowProcW
GetMenu
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuStringW
GetClassInfoW
DefWindowProcW
GetWindowTextW
GetMenuItemRect
GetMenuItemID
GetMenuState
ClientToScreen
ChildWindowFromPoint
IsWindowEnabled
WindowFromPoint
SetWindowRgn
EqualRect
CopyRect
OffsetRect
SetRectEmpty
SetRect
IsRectEmpty
EnumWindows
GetWindowLongW
GetClassNameW
DestroyCursor
LoadStringW
SystemParametersInfoW
CopyIcon
DestroyIcon
FillRect
CreateIconIndirect
GetIconInfo
MapDialogRect
SetWindowContextHelpId
SetCapture
ReleaseCapture
GetSysColorBrush
GetDialogBaseUnits
UnregisterClassW
DeleteMenu
GetTabbedTextExtentW
CharNextW
MessageBeep
SetWindowLongW
IsWindow
GetSysColor
GetMessagePos
ReleaseDC
GetDC
CopyAcceleratorTableW
PostThreadMessageW
LockWindowUpdate
GetDCEx
UnionRect
ScrollWindow
RegisterClipboardFormatW
ScreenToClient
InflateRect
GetKeyState
IsClipboardFormatAvailable
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
GetNextDlgGroupItem
TrackPopupMenu
InvalidateRgn
SetClipboardData
RedrawWindow
InsertMenuW
CreatePopupMenu
MessageBoxW
LoadCursorW
SetCursor
ShowScrollBar
MoveWindow
FindWindowW
GetClipboardData
CloseClipboard
OpenClipboard
GetParent
GetDlgItem
SetWindowTextW
ShowWindow
LoadImageW
GetForegroundWindow
GetCursorPos
PtInRect
GetSystemMetrics
LoadIconW
KillTimer
SetTimer
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
CheckMenuRadioItem
LoadMenuW
RemoveMenu
ModifyMenuW
GetSubMenu
GetMenuItemCount
EnableMenuItem
AppendMenuW
DrawIcon
EnableWindow
IsWindowVisible
gdi32
SelectClipRgn
FillRgn
CombineRgn
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
OffsetRgn
CopyMetaFileW
CreateDCW
GetDCOrgEx
GetClipBox
ExtTextOutW
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
FrameRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetCharWidthW
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
SetTextJustification
TextOutW
GetDeviceCaps
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreatePen
MoveToEx
LineTo
CreateBitmap
StretchBlt
GetTextExtentPoint32W
CreateFontIndirectW
GetStockObject
GetObjectW
CreateSolidBrush
CreateFontW
CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
Escape
DeleteObject
comdlg32
GetFileTitleW
winspool.drv
GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
CryptGenRandom
CryptAcquireContextW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
GetFileSecurityW
SetFileSecurityW
RegCreateKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
RegQueryValueW
CryptReleaseContext
shell32
ExtractIconW
DragQueryPoint
DragQueryFileW
SHGetFolderPathW
ShellExecuteW
SHChangeNotify
SHGetSpecialFolderPathW
DragFinish
SHGetFileInfoW
comctl32
ImageList_Create
ord17
ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
_TrackMouseEvent
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleDuplicateData
CoUninitialize
CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
SetConvertStg
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
libcrypto-1_1
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal_ex
EVP_CIPHER_CTX_new
EVP_aes_256_cbc
EVP_EncryptInit_ex
EVP_CIPHER_CTX_block_size
ERR_print_errors_fp
EVP_CIPHER_CTX_free
EVP_EncryptFinal_ex
EVP_EncryptUpdate
setupapi
SetupDiDestroyDeviceInfoList
CM_Get_Parent
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_IDW
winusb
WinUsb_WritePipe
WinUsb_Initialize
WinUsb_Free
WinUsb_GetDescriptor
WinUsb_QueryDeviceInformation
WinUsb_QueryInterfaceSettings
WinUsb_QueryPipe
WinUsb_ReadPipe
hid
HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetHidGuid
Exports
OPENSSL_Applink
Sections
.text Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1023KB - Virtual size: 1022KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 216KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ