C:\Users\Jon Brookshire\Documents\Visual Studio 2012\Projects\vsa\Release\VSA.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0.exe
Resource: win10v2004-20240226-en
General
Target: 7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0
Size: 5.0MB
MD5: a5c7fcc0e12d31f2f817c1c714cb7069
SHA1: a2beb7d3c95d7891c0f4a2ba32e03911bc9dcc34
SHA256: 7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0
SHA512: 9945233da2d15dcec6a987b5bb1b5c78f2efae0b7dbc7a970b4b8dab85d4ef2834436fe2f3df908c18c50c7b583c2e89cfb804bb13444e0c7c0b3ad94dc93bfb
SSDEEP: 98304:4k+m3kIKS+CAXoTwvWHQJ0UsGuSRKgN4xdbcT6SyN/F3EvexdqEtU6KoQIj4Z7tL:T+m3jKS+CAXS8WHFRdbqAFprqo8oQIjO
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0
Files
7c14b66f81b74743c9a2e49782df3f2d7416f23bc9a5e8767599aa88c836e0d0.exe windows:6 windows x86 arch:x86
328f7cdf27a7afc5fc4e0abdba19ab60
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
winmm
joyGetDevCapsA
timeSetEvent
timeKillEvent
joyGetPosEx
mmioAscend
mmioOpenA
mmioCreateChunk
PlaySoundA
mmioWrite
mmioClose
quartz
AMGetErrorTextA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
wininet
FtpPutFileA
InternetAttemptConnect
InternetCheckConnectionA
InternetOpenA
InternetConnectA
InternetCloseHandle
kernel32
FileTimeToSystemTime
GetACP
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesA
SystemTimeToTzSpecificLocalTime
SetErrorMode
LocalLock
LocalUnlock
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
SearchPathA
InitializeSListHead
CreateEventW
TlsFree
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
LocalReAlloc
TlsSetValue
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CreateWaitableTimerA
GetLogicalProcessorInformation
GetSystemInfo
SetWaitableTimer
OpenEventA
WaitForMultipleObjectsEx
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
GetAtomNameA
LocalAlloc
GlobalHandle
GetStartupInfoW
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GetProfileIntA
GetTickCount
GetThreadLocale
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
ResumeThread
SuspendThread
lstrcmpA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
CopyFileA
MulDiv
SetLastError
GetThreadTimes
LoadLibraryExA
ExpandEnvironmentStringsA
WinExec
GetWindowsDirectoryA
WaitForMultipleObjects
SetPriorityClass
GetCurrentThread
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
DecodePointer
BuildCommDCBAndTimeoutsA
SetCommTimeouts
SetCommState
PurgeComm
GetCommState
GlobalReAlloc
SetupComm
CancelIo
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetTempFileNameA
SetThreadPriority
GetProcessHeap
HeapFree
HeapAlloc
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
CreateProcessA
GetExitCodeProcess
Sleep
ResetEvent
DeviceIoControl
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTempPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalSize
DeleteFileA
GetModuleFileNameA
CreateMutexA
ReleaseMutex
WaitForSingleObject
WriteFile
CreateFileA
FindResourceA
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetSystemDirectoryA
FormatMessageA
LocalFree
LoadLibraryA
FreeLibrary
GetLastError
GetLongPathNameA
GetProcAddress
GetModuleHandleA
lstrcpynA
lstrcpyA
CreateSemaphoreA
GetSystemTimeAsFileTime
GetCurrentProcess
CreateEventA
WaitForSingleObjectEx
ReleaseSemaphore
SetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
DuplicateHandle
CloseHandle
GetVersionExA
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
SetStdHandle
ExitProcess
GetStdHandle
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
UnhandledExceptionFilter
WriteConsoleW
user32
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
GetNextDlgGroupItem
GetTabbedTextExtentA
GetDCEx
CreateMenu
PostThreadMessageA
WindowFromDC
InSendMessage
GetTabbedTextExtentW
CopyAcceleratorTableA
SetWindowRgn
UnionRect
GetDialogBaseUnits
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
LoadImageW
TrackMouseEvent
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
LoadAcceleratorsW
ShowOwnedPopups
PostQuitMessage
MsgWaitForMultipleObjectsEx
DeleteMenu
GetSystemMenu
CharUpperA
NotifyWinEvent
DrawFocusRect
IsClipboardFormatAvailable
CharNextA
LoadCursorW
SetCursorPos
TranslateMessage
GetMessageA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
SystemParametersInfoA
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
DestroyIcon
InsertMenuItemA
DestroyMenu
LoadMenuA
BringWindowToTop
IsZoomed
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetActiveWindow
EndDialog
CreateDialogIndirectParamA
WindowFromPoint
GetCursorPos
IsDialogMessageA
SetWindowTextA
EmptyClipboard
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetTopWindow
GetClassNameA
GetClassLongA
MapWindowPoints
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
DeferWindowPos
SetWindowPlacement
SendMessageA
PostMessageA
EnableWindow
LoadAcceleratorsA
TranslateAcceleratorA
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
DispatchMessageA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
SetRectEmpty
SendDlgItemMessageA
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
DrawStateA
SetClassLongA
DrawFrameControl
FrameRect
WaitMessage
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
IsWindowEnabled
InsertMenuA
GetMenuItemCount
GetMenuState
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
GetUpdateRect
SendNotifyMessageA
EnumChildWindows
SubtractRect
MonitorFromRect
ScrollWindowEx
GetWindowRgn
LockWindowUpdate
GetParent
wsprintfA
GetDC
ReleaseDC
InvalidateRect
RedrawWindow
IsCharLowerA
GetClientRect
UpdateWindow
GetWindowRect
AdjustWindowRectEx
ScreenToClient
FillRect
OffsetRect
IsRectEmpty
GetWindow
GetNextDlgTabItem
GetSubMenu
GetMenuItemID
RemoveMenu
DefWindowProcA
GetClassInfoA
GetSysColor
CopyRect
LoadCursorA
SetCapture
ReleaseCapture
EqualRect
MessageBoxA
LoadBitmapA
LoadBitmapW
SetCursor
GetFocus
InflateRect
PtInRect
PeekMessageA
RegisterClipboardFormatA
SetTimer
KillTimer
LoadMenuW
EnableMenuItem
SetMenuItemInfoA
InvalidateRgn
RegisterWindowMessageA
SetThreadDpiAwarenessContext
BeginDeferWindowPos
EndDeferWindowPos
GetSystemMetrics
ClientToScreen
CreatePopupMenu
AppendMenuA
SetParent
GetDesktopWindow
UnregisterClassA
IsWindow
DrawEdge
SetActiveWindow
SetForegroundWindow
DrawIcon
LoadIconW
SetWindowPos
SetRect
IntersectRect
LoadImageA
GetMessagePos
MessageBeep
SetWindowLongA
DestroyCursor
CopyIcon
GetMenuStringA
gdi32
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetCharWidthA
GetMapMode
SetRectRgn
GetBkColor
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
CreateEllipticRgn
CreateDIBSection
SetTextJustification
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetTextFaceA
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
EnumFontFamiliesA
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EnumFontFamiliesExA
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
PtVisible
PlayMetaFile
OffsetClipRgn
SetTextAlign
SetTextCharacterExtra
SetROP2
PatBlt
GetTextMetricsA
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
GetTextExtentPoint32A
GetTextColor
LPtoDP
DPtoLP
InvertRgn
GetRgnBox
CreateRectRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetDIBits
CreateFontA
UnrealizeObject
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
Ellipse
CreatePatternBrush
CreateBitmap
CombineRgn
GetObjectA
SetPixel
SelectPalette
RealizePalette
GetPixel
DeleteObject
DeleteDC
CreatePalette
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectObject
RectVisible
msimg32
TransparentBlt
AlphaBlend
winspool.drv
GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
CryptReleaseContext
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
CryptGenRandom
RegCloseKey
CryptAcquireContextA
RegQueryValueA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
shell32
SHAppBarMessage
ShellExecuteA
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
SHAddToRecentDocs
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetMalloc
comctl32
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Draw
shlwapi
PathFileExistsA
PathStripPathA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
uxtheme
DrawThemeText
CloseThemeData
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemePartSize
DrawThemeBackground
OpenThemeData
ole32
GetRunningObjectTable
SetConvertStg
PropVariantCopy
CoInitializeEx
OleGetClipboard
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CreateStreamOnHGlobal
OleRun
CoGetClassObject
CoUninitialize
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
StgCreateDocfileOnILockBytes
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
CoInitialize
CoCreateInstance
CreateOleAdviseHolder
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRegGetMiscStatus
OleRegEnumVerbs
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
WriteClassStm
CreateDataAdviseHolder
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
OleGetIconOfClass
OleLockRunning
OleSetContainedObject
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
GetHGlobalFromILockBytes
CoGetMalloc
oleaut32
VariantClear
VariantChangeType
SysFreeString
SysStringByteLen
SysAllocStringByteLen
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SysAllocStringLen
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VariantInit
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SafeArrayGetLBound
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 888KB - Virtual size: 887KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 241KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ