Static task: static1
Behavioral task: behavioral1 (sample f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12.exe, resource win7-20240221-en)
Behavioral task: behavioral2 (sample f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12.exe, resource win10v2004-20240226-en)
General
Target: f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12
Size: 6.6MB
MD5: c9f7a3426c254c9757218d026bc9418c
SHA1: 6f87b498d23871fb3f82d51760180a6cc0e649ef
SHA256: f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12
SHA512: 7401ccd0f18be9288f723ea0772cead46101bf4567c3886045596ec2b6bb6c22bd142f8a3b78699d27251800545d40c25011c94716e5ab96e6f21627eae8ffe0
SSDEEP: 98304:mpbWvGABuP8aSuszR9rcMTAKG9zLUoOWn:mFWvGSUSusfNAKG9zFOW
Malware Config: no entries.
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12
This is the only signature that fired. A missing Authenticode signature is a weak indicator on its own (plenty of legitimate software ships unsigned), so the header, import and section data below carry the weight of any assessment.
Files
f2d49c20757eb99748e91a497f5849e26bf14167726f77a9f313a79244701c12.exe windows:5 windows x86 arch:x86
383aecb278f009489eccbd3ad22ed651
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\MyProjects_VC2015\XLT48UXP\WLT48UXP\Vista\WDATA48UXP.pdb
Imports
winmm
PlaySoundA
waveOutGetNumDevs
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
kernel32
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
SearchPathA
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
GetCurrentDirectoryA
FindResourceExW
SetErrorMode
GetStartupInfoW
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
FileTimeToSystemTime
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
InitializeSListHead
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
OutputDebugStringW
FormatMessageW
LCMapStringW
GetStringTypeW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
FindFirstFileExW
FindNextFileW
GetFullPathNameW
GetCommandLineA
GetCommandLineW
ExitProcess
GetModuleHandleExW
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
GetFileAttributesExW
DeleteFileW
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetDriveTypeW
GetTimeZoneInformation
SetConsoleCtrlHandler
FindFirstFileExA
FindNextFileA
IsValidCodePage
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
GlobalFlags
VirtualProtect
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
LeaveCriticalSection
EnterCriticalSection
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
SetEvent
GetModuleFileNameA
GetCurrentProcessId
SetLastError
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
LoadLibraryA
ExpandEnvironmentStringsA
WaitForSingleObject
GetOverlappedResult
CreateEventA
CloseHandle
DeviceIoControl
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetTickCount
GetSystemInfo
GetModuleHandleA
GetProcAddress
CreateDirectoryA
GetVersionExA
DeleteFileA
GetSystemTime
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateFileW
SetCurrentDirectoryW
QueryPerformanceCounter
GetCurrentDirectoryW
user32
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
LoadAcceleratorsW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CharNextA
CreateMenu
CopyAcceleratorTableA
PostThreadMessageA
WindowFromDC
InSendMessage
GetTabbedTextExtentW
LockWindowUpdate
GetDCEx
UnionRect
GetDialogBaseUnits
LoadImageW
TrackMouseEvent
CopyImage
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
ShowOwnedPopups
GetMenuItemInfoA
PostQuitMessage
MonitorFromPoint
SetParent
GetSystemMenu
DestroyCursor
InflateRect
SetCursorPos
LoadCursorA
WaitMessage
RealChildWindowFromPoint
MapDialogRect
GetAsyncKeyState
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
DestroyIcon
IntersectRect
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
CharUpperA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
CopyIcon
LoadCursorW
SetCursor
SetWindowRgn
ReleaseCapture
SetCapture
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
SetRect
WindowFromPoint
KillTimer
SetTimer
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MapWindowPoints
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollPos
SubtractRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
FrameRect
IsClipboardFormatAvailable
RegisterClipboardFormatA
UpdateLayeredWindow
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
CharUpperBuffA
GetUpdateRect
SendNotifyMessageA
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
SystemParametersInfoA
TranslateMDISysAccel
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetActiveWindow
IsWindowVisible
GetMessageA
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
SetRectEmpty
IsZoomed
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
RegisterDeviceNotificationA
UnregisterDeviceNotification
RedrawWindow
AppendMenuA
ModifyMenuA
DeleteMenu
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadMenuW
GetScrollRange
UnregisterClassA
LoadBitmapW
GetDesktopWindow
DispatchMessageA
TranslateMessage
GetCapture
wsprintfA
MessageBoxA
GetWindowTextA
AdjustWindowRectEx
GetSystemMetrics
OffsetRect
GetWindowRect
IsRectEmpty
SetScrollPos
SetScrollRange
GetParent
PeekMessageA
GetKeyState
SendMessageA
UpdateWindow
SetCaretPos
GetFocus
DestroyCaret
HideCaret
ShowCaret
SetCaretBlinkTime
CreateCaret
GetClientRect
InvalidateRect
EnableWindow
DrawIcon
FillRect
GetSysColor
CopyRect
LoadIconW
MonitorFromRect
GetWindowRgn
GetTabbedTextExtentA
ScrollWindow
SetWindowContextHelpId
gdi32
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SetLayout
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
CreateEllipticRgn
Ellipse
CreateDIBSection
CreateCompatibleBitmap
PatBlt
GetCharWidthA
StretchDIBits
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
CreateFontIndirectA
CreateRectRgnIndirect
EnumFontFamiliesExA
GetROP2
GetBkMode
ModifyWorldTransform
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextColor
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetTextFaceA
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
SetMapMode
SetGraphicsMode
SetMapperFlags
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
LPtoDP
DPtoLP
GetTextExtentPoint32A
GetDeviceCaps
CreateFontA
SetROP2
SetPolyFillMode
GetNearestColor
CreateSolidBrush
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
CreateDCA
CopyMetaFileA
CombineRgn
SetRectRgn
CreateRectRgn
GetTextMetricsA
BitBlt
GetMapMode
CreateCompatibleDC
GetObjectA
SelectObject
GetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
GetJobA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExW
RegSetValueA
RegOpenKeyExA
RegCloseKey
RegFlushKey
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
shell32
SHGetMalloc
SHGetFileInfoA
DragQueryFileA
DragFinish
SHAddToRecentDocs
ExtractIconA
ShellExecuteA
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
DrawThemeBackground
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
OpenThemeData
CloseThemeData
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
ole32
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
CreateDataAdviseHolder
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder
CoLockObjectExternal
GetRunningObjectTable
OleRun
OleIsRunning
CoGetMalloc
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
StgCreateDocfileOnILockBytes
CoGetClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
CoDisconnectObject
StringFromGUID2
PropVariantCopy
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleSave
OleSetContainedObject
OleLockRunning
OleGetIconOfClass
GetHGlobalFromILockBytes
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
OleQueryLinkFromData
OleQueryCreateFromData
CoRegisterClassObject
oleaut32
SysAllocString
OleCreateFontIndirect
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
oledlg
ord8
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
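What an analyst does with an import table like the one above is (a) reduce it to an import hash for pivoting to related builds and (b) group the API surface into capabilities. The block below is an added example written for this page, not code from the sandbox or from the sample's author. IMPORTS is a constructed excerpt of the table above (a dozen entries plus the oledlg ordinal), so the digest it produces is not the sample's import hash; in this report layout the 32-hex value shown under Files is where the import hash is displayed, but treat that identification as an assumption and recompute it from the file. The capability buckets contain only APIs that occur in the table above; the SetupDi*, DeviceIoControl and RegisterDeviceNotificationA group is the pattern of a program talking to a plug-in device, and IsDebuggerPresent is imported by the MSVC runtime's own fast-fail handler, so by itself it is not an anti-debug signal.

```python
"""Import-table pivots for the table above. Added example, not code from the
sandbox report or the sample's author. IMPORTS is a constructed excerpt of the
report's list, so the hash it yields is not the sample's import hash."""
import hashlib

# (module name as it appears in the import directory, function name or ordinal)
IMPORTS = [
    ("winmm.dll", "PlaySoundA"),
    ("setupapi.dll", "SetupDiGetClassDevsA"),
    ("setupapi.dll", "SetupDiEnumDeviceInterfaces"),
    ("kernel32.dll", "IsDebuggerPresent"),
    ("kernel32.dll", "DeviceIoControl"),
    ("kernel32.dll", "CreateFileA"),
    ("user32.dll", "RegisterDeviceNotificationA"),
    ("user32.dll", "SetWindowsHookExA"),
    ("winspool.drv", "OpenPrinterA"),
    ("advapi32.dll", "RegSetValueExA"),
    ("shell32.dll", "ShellExecuteA"),
    ("oledlg.dll", 8),  # by ordinal, as the report lists "ord8" under oledlg
]

STRIPPED_EXTENSIONS = ("dll", "ocx", "sys")

def imphash_string(imports):
    """Normalize as the pefile-style import hash does: lower-case the module name,
    drop a .dll/.ocx/.sys extension (others such as .drv stay), write ordinal
    imports as ordN, keep import-directory order, join with commas.
    Simplification: real implementations map known oleaut32/ws2_32 ordinals back
    to names; this version writes ordN for every ordinal import."""
    parts = []
    for dll, func in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in STRIPPED_EXTENSIONS:
            lib = base
        name = "ord%d" % func if isinstance(func, int) else func.lower()
        parts.append("%s.%s" % (lib, name))
    return ",".join(parts)

def imphash(imports):
    """MD5 of the normalized string. Order-sensitive: two builds that link the
    same functions in a different order hash differently."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()

# Buckets drawn only from APIs that appear in the report's import table.
CAPABILITY_BUCKETS = {
    "device I/O": {"setupdigetclassdevsa", "setupdienumdeviceinterfaces",
                   "setupdigetdeviceinterfacedetaila", "deviceiocontrol",
                   "registerdevicenotificationa"},
    "registry write": {"regsetvaluea", "regsetvalueexa", "regcreatekeyexa", "regdeletekeya"},
    "process launch": {"shellexecutea", "shellexecuteexa"},
    "message hooking": {"setwindowshookexa"},
    # Imported by the MSVC runtime's fast-fail handler; alone it is not an anti-debug signal.
    "debugger check": {"isdebuggerpresent"},
}

def capabilities(imports):
    """Group imported functions by bucket, preserving import order within each."""
    hits = {}
    for _, func in imports:
        if isinstance(func, int):
            continue
        for bucket, apis in CAPABILITY_BUCKETS.items():
            if func.lower() in apis:
                hits.setdefault(bucket, []).append(func)
    return hits

if __name__ == "__main__":
    print("imphash:", imphash(IMPORTS))
    for bucket, funcs in capabilities(IMPORTS).items():
        print("%-16s %s" % (bucket, ", ".join(funcs)))
```

To hash the real file, feed imphash() the full import directory in on-disk order (for instance from pefile's DIRECTORY_ENTRY_IMPORT); the hash is only comparable with values produced by the same normalization rules, so note which ones you used when sharing it.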
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 765KB - Virtual size: 764KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.1MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 298KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
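The facts under Headers and Sections (DLL Characteristics, File Characteristics, the empty security directory behind the "Unsigned PE" signature, and the per-section flags) all come from a few fixed-offset fields in the PE headers. The block below is an added example written for this page, not code from the sandbox or from the sample's author: it parses those fields with only the Python standard library and derives the findings an analyst reads off them. Its input is a minimal PE32 image built in memory with the flags the report lists (the sizes are placeholders); it is not the sample itself. Two points it encodes: DYNAMIC_BASE and NX_COMPAT mean the image opts into ASLR and DEP, and the .gfids and .giats sections are what MSVC emits for Control Flow Guard metadata, yet IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the listed flags. Since the loader only enforces CFG when that flag is set, this is worth confirming on the real file rather than inferring from the report.

```python
"""Decode the PE header facts summarized under Headers and Sections.
Added example using only the standard library; not code from the sandbox
report or the sample's author. Input is a PE32 image constructed in memory
by build_sample_pe() with the flags the report lists, not the sample itself."""
import struct

DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DIR_SECURITY = 4  # data directory slot of the Authenticode certificate table

def flag_names(bits, table):
    return [name for flag, name in sorted(table.items()) if bits & flag]

def parse_pe(data):
    """Read the COFF header, optional header and section table from raw bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte stack/heap fields push them to +108/+112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both layouts
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_size = 0
    if ndirs > DIR_SECURITY:
        cert_size = struct.unpack_from("<II", data, dirs_off + 8 * DIR_SECURITY)[1]
    sections = []
    for i in range(nsections):
        name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": rsize, "flags": flag_names(chars, SECTION_FLAGS)})
    return {
        "file_characteristics": flag_names(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": flag_names(dll_chars, DLL_CHARACTERISTICS),
        "has_authenticode": cert_size != 0,  # the "Unsigned PE" check, reduced to one field
        "sections": sections,
    }

def audit(info):
    """Findings an analyst reads off the header before touching the imports."""
    findings = []
    dll = info["dll_characteristics"]
    if not info["has_authenticode"]:
        findings.append("unsigned: no Authenticode certificate table")
    for flag, what in (("DYNAMIC_BASE", "ASLR"), ("NX_COMPAT", "DEP")):
        if "IMAGE_DLLCHARACTERISTICS_" + flag not in dll:
            findings.append("%s opt-out (no %s)" % (what, flag))
    has_cfg_tables = any(s["name"] in (".gfids", ".giats") for s in info["sections"])
    if has_cfg_tables and "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in dll:
        findings.append("CFG tables (.gfids/.giats) present but GUARD_CF flag clear")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append("%s: writable and executable" % s["name"])
        if s["raw_size"] == 0 and s["virtual_size"] > 0x1000:
            findings.append("%s: no raw data but a large virtual size (filled at runtime?)" % s["name"])
    return findings

def build_sample_pe(dll_chars, sections, signed=False):
    """Constructed minimal PE32 image used as input; NOT the report's sample."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew at 0x3C -> headers at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:  # pretend a 2 KB certificate table sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, 0x800)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), v, 0x1000 * (i + 1), r, 0, 0, 0, 0, 0, f)
        for i, (n, v, r, f) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + table

# Flags copied from the report's Headers and Sections listing; sizes are placeholders.
REPORT_DLL_CHARS = 0x0040 | 0x0100 | 0x8000
REPORT_SECTIONS = [  # (name, virtual size, raw size, characteristics)
    (".text",  0x31A000, 0x31A000, 0x60000020),
    (".rdata", 0x0BF000, 0x0BF400, 0x40000040),
    (".data",  0x233000, 0x219000, 0xC0000040),
    (".gfids", 0x023400, 0x023800, 0x40000040),
    (".giats", 0x00001C, 0x000200, 0x40000040),
    (".reloc", 0x04A800, 0x04A800, 0x42000040),
]

if __name__ == "__main__":
    info = parse_pe(build_sample_pe(REPORT_DLL_CHARS, REPORT_SECTIONS))
    print("DllCharacteristics:", ", ".join(info["dll_characteristics"]))
    for finding in audit(info):
        print("-", finding)
```

To run it on the real file, replace the constructed image with open(path, "rb").read(); parse_pe() handles both PE32 and PE32+ layouts. The header check only tells you whether a certificate table exists; on Windows, Get-AuthenticodeSignature or signtool verify /pa also validates the signature and its chain, which a non-empty directory alone does not prove.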