ad094ce485e59e218f0a6cc8163190aed5e7849259eedfffe8154926ce674222

Sharing

Copy URL Twitter E-mail

General

Target

ad094ce485e59e218f0a6cc8163190aed5e7849259eedfffe8154926ce674222
Size

2.5MB
MD5

add4d45af9fce05dd88a27b64ce5de12
SHA1

accdd0c2d18c4d27ed1e3bff7c05ec52c9304d26
SHA256

ad094ce485e59e218f0a6cc8163190aed5e7849259eedfffe8154926ce674222
SHA512

48c383af54ff50ad0ab2678bc50cf56bd74f53e01c46a858ef55b481dc74d99671dc7031b06b32d2c2ef42fa10bc9a35f84888299c1ddc2068aca4147d4fa364
SSDEEP

49152:QlHZLs8RU1tVgOpZJ4jn3KghhgsKFN2Rx89ljAwj3r:QTL161tVTJ4z3NhqsKFN2Rx89Gwj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad094ce485e59e218f0a6cc8163190aed5e7849259eedfffe8154926ce674222

Files

ad094ce485e59e218f0a6cc8163190aed5e7849259eedfffe8154926ce674222
.exe windows:6 windows x86 arch:x86

d25742cc8e47afd14ff316b2b3b0ae97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\NewProject\LinuxTools\XProg\Release\HCProgram.pdb

Imports

setupapi

SetupDiOpenDevRegKey
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

kernel32

SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetStringTypeW
GetTimeZoneInformation
GetConsoleMode
GetConsoleOutputCP
LCMapStringW
IsProcessorFeaturePresent
InitializeSListHead
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
OutputDebugStringW
IsDebuggerPresent
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
WriteConsoleW
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetTempFileNameA
GetTempPathA
GetProfileIntA
SearchPathA
GetTickCount
GetWindowsDirectoryA
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetACP
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
FileTimeToSystemTime
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
GetCurrentProcessId
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetStartupInfoW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FindFirstFileA
FindClose
DeleteFileA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetExitCodeThread
TerminateThread
GetCurrentDirectoryA
CreateMutexA
LocalFree
LocalAlloc
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
CreateEventA
WaitForSingleObject
DeviceIoControl
SetCommTimeouts
SetCommState
PurgeComm
GetCommState
SetupComm
CloseHandle
WriteFile
ReadFile
FlushFileBuffers
CreateFileA
Sleep
GetModuleHandleA
InitializeCriticalSection
FindResourceA
FreeResource
GetPrivateProfileStringA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
CreateFileW
CompareStringW

user32

DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
ModifyMenuA
LockWindowUpdate
CharUpperBuffA
DrawIcon
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
SetParent
SetClassLongA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
InvertRect
HideCaret
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
GetSystemMenu
LoadMenuW
IsZoomed
LoadImageW
TrackMouseEvent
MessageBeep
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
KillTimer
DeleteMenu
GetAsyncKeyState
RealChildWindowFromPoint
CopyImage
PostThreadMessageA
GetMenuItemInfoA
DestroyMenu
LoadCursorA
GetSysColorBrush
DrawStateA
OffsetRect
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
MapVirtualKeyA
GetKeyNameTextA
GetWindowThreadProcessId
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IntersectRect
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetSystemMetrics
CharUpperA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetComboBoxInfo
SendMessageA
UnregisterClassA
UpdateWindow
PostMessageA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
IsCharLowerA
MapVirtualKeyExA
GetDoubleClickTime
IsClipboardFormatAvailable
GetUpdateRect
DestroyCursor
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
CreateMenu
SubtractRect
SystemParametersInfoA
GetWindowRgn
GetMessageA
DispatchMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetFocus
EnableWindow
InvalidateRect
GetSysColor
FrameRect
InflateRect
IsRectEmpty
PtInRect
SetForegroundWindow
GetScrollPos
FindWindowA
SetTimer
GetClientRect
LoadBitmapW
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
SetFocus
IsWindowEnabled
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetWindowLongA
SetWindowLongA
GetParent
GetWindow
IsDialogMessageA
RegisterWindowMessageA
PeekMessageA
GetMessagePos
GetMessageTime
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
SetScrollRange

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
Polygon
Polyline
LPtoDP
OffsetRgn
Rectangle
ExtFloodFill
SetPaletteEntries
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
ExtTextOutA
TextOutA
MoveToEx
SetBkColor
GetDeviceCaps
DeleteDC
DeleteObject
CopyMetaFileA
CreatePolygonRgn
CreateDCA
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectA
SetTextColor

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA
DragFinish

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
PathIsUNCA

uxtheme

GetThemeColor
GetWindowTheme
IsAppThemed
DrawThemeText
GetThemePartSize
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeSysColor

ole32

OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantClear
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SysFreeString
SysAllocStringByteLen
VariantInit

oledlg

ord8

gdiplus

GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP

dbghelp

MakeSureDirectoryPathExists

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

winmm

PlaySoundA

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d25742cc8e47afd14ff316b2b3b0ae97

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

dbghelp

oleacc

winmm

imm32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 431KB - Virtual size: 431KB

.data Size: 25KB - Virtual size: 46KB

.rsrc Size: 319KB - Virtual size: 318KB

.reloc Size: 141KB - Virtual size: 140KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 431KB - Virtual size: 431KB

.data
Size: 25KB - Virtual size: 46KB

.rsrc
Size: 319KB - Virtual size: 318KB

.reloc
Size: 141KB - Virtual size: 140KB