ce0511cde6cf4143be2a154aeb7b85f6

Sharing

Copy URL

Twitter E-mail

General

Target

ce0511cde6cf4143be2a154aeb7b85f6
Size

513KB
MD5

ce0511cde6cf4143be2a154aeb7b85f6
SHA1

3e7e8d93c291b6ff44a243455414349c0a5dfa27
SHA256

b3d0ba7f289cf9dd9dca70e42ee24141425e34d8ee1527a07cc6d273d6926bb0
SHA512

a6f01e92a080dcddd490292f5092730d7110a861240948009c617af751d9d5a81c55c3dddae85378d899fc669242a66e68fb85be22a43c5dc9f10649c8ea449d
SSDEEP

12288:1eBs9Xtt8vfvMal1a0xVgwjPD0oV8G8v/cC0:1eBs9XttQZl1a0xWoC1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce0511cde6cf4143be2a154aeb7b85f6

Files

ce0511cde6cf4143be2a154aeb7b85f6
.exe windows:5 windows x86 arch:x86

bbec6c3bd4d7d5225aacf593a945e949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\!OK\Projects\LiteCAD\_Final\LCFont.pdb

Imports

comctl32

ord17

litecad

lcPropGetStr
lcPropPutInt
lcEventReturnCode
lcWndZoomScale
lcDrwRegenViews
lcWndSetFocus
lcAddFontFile
lcWndResize
lcPropGetHandle
lcCreateDrawing
lcPropPutStr
lcDeleteDrawing
lcDrwNew
lcDrwGetFirstObject
lcCreateWindow
lcWndRedraw
lcPropGetFloat
lcDeleteWindow
lcPropGetBool
lcDrwAddLayer
lcBlockClear
lcWndZoomRect
lcPropGetInt
lcBlockAddTextWin2
lcEntUpdate
lcBlockAddPolyline
lcPlineAddVer
lcBlockSelectEnt
lcWndExeCommand
lcBlockAddXline
lcBlockAddRect2
lcPropPutHandle
lcBlockAddPoint2
lcOnEventMouseDown
lcOnEventPaint
lcOnEventKeyDown
lcInitialize
lcOnEventMouseSnap
lcOnEventMouseMove
lcPropPutBool

kernel32

GetProcAddress
FindFirstFileW
FindClose
FindNextFileW
FreeResource
FindResourceW
LoadResource
GetVersionExW
GetModuleFileNameW
LockResource
MultiByteToWideChar
GetLastError
WideCharToMultiByte
GetCurrentThreadId
LoadLibraryA
GetModuleFileNameA
ExitProcess
HeapSize
Sleep
GetConsoleMode
GetConsoleCP
WriteFile
RaiseException
DeleteCriticalSection
GetStartupInfoA
LoadLibraryW
GetStdHandle
SetHandleCount
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CloseHandle
SetFilePointer
ReadFile
HeapAlloc
HeapFree
GetStartupInfoW
FindFirstFileA
FreeLibrary
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
VirtualAlloc
HeapReAlloc
LCMapStringA
CreateFileA
CreateFileW
SetStdHandle
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleHandleA
SetEndOfFile
GetProcessHeap
GetFileType

user32

DestroyMenu
ClientToScreen
GetDlgItem
EnableWindow
SetWindowTextW
DialogBoxParamW
EndDialog
SetDlgItemTextW
DestroyWindow
ScreenToClient
IsWindow
GetKeyState
GetClientRect
InvalidateRect
GetSysColor
SetWindowPos
GetCursorPos
CreatePopupMenu
ShowWindow
CreateDialogParamW
CreateWindowExW
MessageBoxW
GetSystemMetrics
SendMessageW
UpdateWindow
MoveWindow
SetWindowLongW
GetWindowLongW
RegisterClassExW
GetClassInfoExW
LoadCursorW
DispatchMessageW
LoadIconW
LoadAcceleratorsW
TranslateMessage
AppendMenuW
FillRect
TrackPopupMenu
LoadStringW
DefWindowProcW
PostQuitMessage
GetMessageW
TranslateAcceleratorW
CheckMenuItem
GetDlgItemTextW
LoadBitmapW
GetMenu
ReleaseCapture
GetCursor
SetFocus
WindowFromPoint
IsWindowEnabled
KillTimer
PostMessageW
SetCapture
LoadImageW
SetTimer
SetCursor
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetFocus
ReleaseDC
GetDC
BeginPaint
GetWindowRect
EndPaint

gdi32

DeleteDC
CreateFontIndirectW
CreateDCW
DeleteObject
SelectObject
SetTextColor
LineTo
MoveToEx
BeginPath
GetTextMetricsW
Polyline
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
CreatePatternBrush
CreateBitmap
PatBlt
CreateSolidBrush
GetStockObject
TextOutW
CreatePen
SetTextAlign
FillPath
EndPath
CreateRectRgnIndirect
SelectClipRgn
SetBkMode
GetGlyphOutlineW
Polygon

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

advapi32

RegEnumValueW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbec6c3bd4d7d5225aacf593a945e949

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

litecad

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 271KB - Virtual size: 608KB

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 271KB - Virtual size: 608KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 14KB - Virtual size: 13KB