796d2ab6c1e974f82d6e7a089659b58327c41aff5b6c141824d35d9350e0032f

Sharing

Copy URL

Twitter E-mail

General

Target

796d2ab6c1e974f82d6e7a089659b58327c41aff5b6c141824d35d9350e0032f
Size

3.1MB
MD5

d871ad0e005f226143efe56625c32efe
SHA1

0160be3d96b5f9dda37549562565c7be33928345
SHA256

796d2ab6c1e974f82d6e7a089659b58327c41aff5b6c141824d35d9350e0032f
SHA512

3336e263b88af2ebc28934536ef0d8e2ae1d06e1d6fc53eefe4a0b5e86f510e07105630cceae688f4360cfa133afbfb88cee8d6b8b729942778fc1d6746198f0
SSDEEP

49152:IetUkJIFSbpUZTjbvkV2P4cFUErwehqtGsq/tLKz8Y6uehdAw3Ub8NIpxv1Z:vtUscBTjDdPpFUErwwnIw3e1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
796d2ab6c1e974f82d6e7a089659b58327c41aff5b6c141824d35d9350e0032f

Files

796d2ab6c1e974f82d6e7a089659b58327c41aff5b6c141824d35d9350e0032f
.exe windows:6 windows x86 arch:x86

0161d223d7f3e2f4e743a71629784c58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\A23139\Documents\UItoolSVN\SPKCommandSet Tool\Release\PBAPAccess.pdb

Imports

kernel32

ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
GetStdHandle
VirtualQuery
VirtualAlloc
HeapQueryInformation
GetCommandLineA
GetFileType
SetStdHandle
FindFirstFileExW
GetOEMCP
CreateThread
GetTimeZoneInformation
GetModuleHandleExW
ExitProcess
RtlUnwind
GetSystemInfo
OpenEventA
ReleaseSemaphore
GetCPInfo
LCMapStringW
GetStringTypeW
OutputDebugStringW
FindNextFileW
FreeLibraryAndExitThread
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetTempPathW
GetTempFileNameW
GetTickCount
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
lstrcpyW
FileTimeToSystemTime
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetUserDefaultUILanguage
FindResourceExW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetThreadLocale
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetVersionExW
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryA
GetModuleHandleW
GetModuleHandleA
VirtualProtect
OutputDebugStringA
GetModuleFileNameW
GetCurrentProcessId
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
ReadFile
GetOverlappedResult
WriteFile
ClearCommError
SetCommMask
SetCommState
GetCommState
SetCommTimeouts
PurgeComm
SetupComm
CreateFileW
DeleteCriticalSection
DecodePointer
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
GetCommandLineW
Sleep
CreateEventA
HeapAlloc
HeapFree
GetProcessHeap
SetEvent
WaitForSingleObjectEx
ResetEvent
GetCurrentDirectoryW
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
FindResourceW
LoadResource
LockResource
CloseHandle
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
ExitThread
WriteConsoleW

user32

InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
LoadImageW
DestroyIcon
InvalidateRect
TrackMouseEvent
RealChildWindowFromPoint
CopyImage
LoadCursorW
GetSysColorBrush
SetCursor
ShowOwnedPopups
SetWindowContextHelpId
CharUpperW
IntersectRect
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
OffsetRect
SetRectEmpty
SendDlgItemMessageA
MapVirtualKeyW
GetKeyNameTextW
FillRect
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
GetDlgItemInt
MoveWindow
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetRect
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
DrawStateW
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DrawEdge
DrawFrameControl
IsZoomed
SendMessageW
GetClientRect
EnableWindow
GetWindowLongW
SetWindowLongW
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
RegisterWindowMessageW
MapDialogRect
GetWindow
RemovePropW
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
CreatePopupMenu
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
GetPropW
SetPropW
SetClassLongW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
SetScrollInfo
EmptyClipboard
GetKeyboardLayout
LoadBitmapW
GetSysColor
GetCursorPos
ScreenToClient
ClientToScreen
LoadMenuW
GetSubMenu
SetTimer
SetDlgItemTextW
SetDlgItemInt
GetMessagePos
LoadIconW
UpdateWindow
GetWindowRect
GetDlgItem
IsIconic
GetSystemMetrics
DrawIcon
PostQuitMessage
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
MsgWaitForMultipleObjects
PeekMessageW
MessageBoxW
GetDlgItemTextW
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindowEnabled
GetParent
GetWindowThreadProcessId
GetLastActivePopup
PostMessageW
ShowWindow
SetWindowPos
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
GetCapture
SetActiveWindow
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
EndPaint

gdi32

DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateSolidBrush
GetTextExtentPoint32W
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateFontW
SetBitmapBits
GetBitmapBits
CreateFontIndirectW
SetBkColor
GetObjectW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteValueW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegEnumValueW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
DragFinish
DragQueryFileW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

DrawThemeText
GetThemePartSize
GetThemeSysColor
IsAppThemed
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent

ole32

OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
VariantChangeType
SysAllocStringLen
VariantInit
VariantClear

oledlg

OleUIBusyW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0161d223d7f3e2f4e743a71629784c58

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 456KB - Virtual size: 456KB

.data Size: 48KB - Virtual size: 76KB

.gfids Size: 108KB - Virtual size: 108KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 520KB - Virtual size: 519KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 456KB - Virtual size: 456KB

.data
Size: 48KB - Virtual size: 76KB

.gfids
Size: 108KB - Virtual size: 108KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 520KB - Virtual size: 519KB