PDB path: E:\QATool_YMTC\resQA Version\QATool.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586.exe
  Resource: win7-20240319-en
Behavioral task: behavioral2
  Sample: 922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586.exe
  Resource: win10v2004-20240226-en
General
Target: 922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586
Size: 3.7MB
MD5: 74accdf807d8bca696c245b76e81735c
SHA1: 5ea5510c1ff6ef2134d56f57ec9fb29961bdc25d
SHA256: 922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586
SHA512: 729bb0644d7bd2cf9aa82d857bddc141a3f3ac02b7183e8469bece75c37caab38f94445734ebd3957aba488c7127cee901ad66b19f62901764164b271028078d
SSDEEP: 98304:0G13mwCHk0MZriHA9NgGRZqKZC8u/Io6pAFLOAkGkzdnEVomFHKnPF:RJ7BrnO/Io6pAFLOyomFHKnPF
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586
Files
922c9481c3acd2045131689f019a7645cde84c4f727a54066b64397a4f46a586.exe windows:6 windows x86 arch:x86
e413f64c8092044e53f2523076dd823b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
libmysql
mysql_server_init
mysql_init
mysql_free_result
mysql_query
mysql_close
mysql_store_result
mysql_affected_rows
mysql_options
mysql_real_connect
mysql_fetch_row
kernel32
GetSystemInfo
GetCurrentProcess
GlobalUnlock
GlobalLock
GetPrivateProfileStringA
GetPrivateProfileIntA
SetCommMask
DeleteFileA
WritePrivateProfileStringA
LocalFree
MultiByteToWideChar
CreateEventA
SetEvent
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetDriveTypeW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
lstrcmpiA
CompareStringW
GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
GetModuleFileNameA
GetExitCodeProcess
SetCommState
GetTickCount
SetCommTimeouts
CreateDirectoryA
CreateProcessA
WideCharToMultiByte
FreeLibrary
GetProcessHeap
DeleteCriticalSection
GlobalReAlloc
GetFullPathNameW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetStartupInfoA
GetProcAddress
DecodePointer
GetLocalTime
LCMapStringW
RtlUnwind
GetStringTypeW
ClearCommError
HeapAlloc
FindResourceW
LoadResource
GetWindowsDirectoryA
RaiseException
CloseHandle
HeapReAlloc
GlobalFree
GlobalAlloc
GetCommState
LockResource
GetVersionExA
LoadLibraryA
CreateFileA
OpenMutexA
GetLastError
Sleep
HeapSize
GetModuleHandleA
SetupComm
ReleaseMutex
WaitForSingleObject
CreateMutexA
InitializeCriticalSectionEx
CreatePipe
LeaveCriticalSection
PurgeComm
DeviceIoControl
OutputDebugStringA
WriteFile
EnterCriticalSection
HeapFree
SizeofResource
InitializeCriticalSectionAndSpinCount
LoadLibraryW
VirtualQuery
CreateSemaphoreA
ReadFile
VirtualAlloc
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
SetLastError
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalSize
MulDiv
FormatMessageA
CopyFileA
GetCurrentProcessId
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
SetThreadPriority
SuspendThread
ResumeThread
LocalAlloc
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
GetVolumeInformationA
DuplicateHandle
GetThreadLocale
lstrcmpA
GetCurrentThread
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
VerSetConditionMask
lstrcpyA
VerifyVersionInfoA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
GetCurrentDirectoryA
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SetErrorMode
GetTempPathA
FindResourceExW
SearchPathA
GetProfileIntA
GetTempFileNameA
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
LCMapStringEx
user32
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
GetWindowTextA
GetWindowTextLengthA
AdjustWindowRectEx
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
PtInRect
SetWindowLongA
GetClassLongA
GetTopWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
MoveWindow
SetDlgItemTextA
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetCursorPos
ClientToScreen
SetRectEmpty
OffsetRect
GetKeyNameTextA
MapVirtualKeyA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetMessageA
InflateRect
IntersectRect
CharUpperA
DrawEdge
DrawFrameControl
SetWindowRgn
GetSysColorBrush
DrawFocusRect
IsRectEmpty
DrawIconEx
PostQuitMessage
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
DestroyMenu
DrawStateA
SystemParametersInfoA
LoadCursorA
SetLayeredWindowAttributes
LoadCursorW
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
SetActiveWindow
TrackMouseEvent
IsZoomed
SetCapture
ReleaseCapture
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
RegisterClassA
IsWindowVisible
EmptyClipboard
LoadImageA
SetParent
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
GetIconInfo
CopyIcon
ModifyMenuA
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
WaitMessage
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
RegisterClipboardFormatA
CharUpperBuffA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageA
HideCaret
InvertRect
SubtractRect
IsClipboardFormatAvailable
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetWindowThreadProcessId
GetParent
GetWindowLongA
CallWindowProcA
IsWindowEnabled
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetAsyncKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
GetDlgItem
DestroyWindow
IsChild
IsMenu
RemovePropA
LoadMenuW
SetPropA
GetSubMenu
LoadIconW
CheckMenuItem
GetLastActivePopup
GetWindow
ShowWindow
IsWindow
GetPropA
GetDesktopWindow
SetForegroundWindow
MessageBoxA
GetWindowRect
GetDC
FillRect
GetSystemMetrics
DrawIcon
GetActiveWindow
OpenClipboard
CloseClipboard
GetClipboardData
GetClientRect
SetRect
IsIconic
ReleaseDC
PostMessageA
SetTimer
KillTimer
UpdateWindow
InvalidateRect
SendMessageA
EnableWindow
DispatchMessageA
TranslateMessage
PeekMessageA
UnregisterClassA
CreateWindowExA
GetClassInfoExA
SetClipboardData
GetClassInfoA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
LoadImageW
GetClassNameA
GetMenuItemInfoA
gdi32
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
RoundRect
GetRgnBox
GetTextFaceA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
CreateFontIndirectA
GetMapMode
SetRectRgn
DPtoLP
CreateEllipticRgn
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateSolidBrush
SetBkColor
SetTextColor
Ellipse
PatBlt
BitBlt
OffsetRgn
CreateBitmap
CreateCompatibleDC
CreateRoundRectRgn
Rectangle
SetDIBColorTable
StretchBlt
SetPixel
CreateDIBSection
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
DeleteDC
DeleteObject
LPtoDP
SetStretchBltMode
CreatePalette
SetDIBitsToDevice
SelectPalette
GetStockObject
StretchDIBits
GetObjectA
RealizePalette
CreateHatchBrush
GetBkColor
GetTextColor
GetTextExtentPoint32A
CreatePolygonRgn
CreateRectRgnIndirect
Polygon
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
Polyline
advapi32
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
shell32
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
ShellExecuteExA
ShellExecuteA
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetMalloc
ole32
RevokeDragDrop
OleLockRunning
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
CoTaskMemAlloc
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
OleDuplicateData
RegisterDragDrop
CreateStreamOnHGlobal
oleaut32
LoadTypeLi
SysAllocString
VarBstrFromDate
SysAllocStringLen
SysStringLen
OleCreateFontIndirect
VariantTimeToSystemTime
SafeArrayDestroy
VariantClear
VariantChangeType
VariantCopy
SysAllocStringByteLen
SysFreeString
VariantInit
GetActiveObject
SystemTimeToVariantTime
cfgmgr32
CM_Get_DevNode_Registry_PropertyA
CM_Get_Sibling
CM_Get_Child
CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Device_IDA
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
IsAppThemed
OpenThemeData
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
DrawThemeText
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
DrawThemeParentBackground
oledlg
ord8
gdiplus
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapLockBits
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
libcurl
curl_easy_setopt
curl_easy_cleanup
curl_easy_perform
curl_easy_init
iphlpapi
GetAdaptersInfo
netapi32
Netbios
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
wininet
FtpCreateDirectoryA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetConnectA
InternetCloseHandle
InternetOpenA
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Sections
.text   Size: 1.8MB  Virtual size: 1.8MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 395KB  Virtual size: 394KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 26KB   Virtual size: 197KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.4MB  Virtual size: 1.4MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 151KB  Virtual size: 150KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ