PDB path: E:\1. Project\Softnet_Project\[한화그룹]\[한화호텔리조트]\ADMT10_language_withVS2010_Thread\0Bin\ADMTPlus.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535.exe
  Resource: win10v2004-20240226-en
General
Target: 9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535
Size: 2.1MB
MD5: d4bc26126ab87b346a7a2e16b9e71d12
SHA1: 1e0e824e192d1be92be7db6447f3c59c24c9c39d
SHA256: 9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535
SHA512: 705beb2717740d1dc64a2577f9999c8bbb5f0c5f56007ee45a11bf4d310c8ba15a416c1b8a008cfba5bd2d21426cbf0443cdbd0a4e306a3359cd1f75d225d5de
SSDEEP: 49152:daf8IlXBEUXl79f9xSCvAuo/b0cMXTUFYZ3HveON4GVtbq2MyOaP0ccRAqbxo15a:da5xp1pfLR4H/b0cMXTYYZ3HveOmGVt6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  Resource: 9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535
Files
-
9070437716c7c8d1eb1d33a55620ba0bf860d591aec4bccd264ea17e91482535.exe windows:5 windows x86 arch:x86
a171629b8b515fe7e17afd60c3438421
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetDateFormatW
GetTimeZoneInformation
GetStringTypeW
SetCurrentDirectoryA
SetEnvironmentVariableA
GetConsoleMode
SetCurrentDirectoryW
GetStdHandle
ExitProcess
QueryPerformanceFrequency
GetFileType
SetStdHandle
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
GetTimeFormatW
CreateThread
VirtualQuery
VirtualAlloc
GetCommandLineW
GetCommandLineA
RtlUnwind
HeapCreate
GetSystemDefaultLCID
IsWow64Process
InterlockedDecrement
OutputDebugStringW
LCMapStringW
GetDriveTypeW
ReadConsoleW
SetFilePointerEx
FindFirstFileExA
ExitThread
GetConsoleCP
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateDirectoryW
WriteConsoleW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
Sleep
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
GetWindowsDirectoryA
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetCPInfo
GetOEMCP
VirtualProtect
GetACP
GlobalFlags
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FindNextFileA
FileTimeToLocalFileTime
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
HeapFree
SetEvent
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
LoadLibraryW
GlobalUnlock
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
FindResourceA
GlobalFree
FreeResource
GetTickCount
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetCurrentThread
lstrcpyA
MultiByteToWideChar
GetComputerNameA
LoadLibraryA
GetUserDefaultLangID
GetSystemDefaultUILanguage
GetSystemInfo
GetModuleHandleA
GetProcAddress
GetVersionExA
GetEnvironmentVariableA
CloseHandle
WaitForSingleObject
GetCurrentThreadId
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryW
user32
CharNextA
PostThreadMessageA
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoA
CopyImage
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
WindowFromPoint
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
IntersectRect
SetRectEmpty
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
CopyAcceleratorTableA
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
IsDialogMessageA
SetWindowLongA
SetWindowTextA
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
InvalidateRgn
UnregisterClassA
PostMessageA
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
NotifyWinEvent
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
GetSysColorBrush
DestroyIcon
DestroyMenu
GetMenuItemInfoA
GetAsyncKeyState
TrackMouseEvent
LoadImageW
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
ShowOwnedPopups
CallNextHookEx
CreatePopupMenu
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
EndDeferWindowPos
DrawFocusRect
EnableWindow
LoadIconW
SendMessageA
GetSystemMenu
RemoveMenu
GetDesktopWindow
GetClientRect
SetRect
OffsetRect
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
IsIconic
GetSystemMetrics
DrawIcon
GetSysColor
IsWindow
GetWindowRect
wsprintfA
InvalidateRect
InflateRect
SetTimer
KillTimer
UpdateWindow
GetCursorPos
PtInRect
SetCursor
LoadCursorA
PostQuitMessage
RegisterClipboardFormatA
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
MessageBoxA
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
PeekMessageA
IsWindowVisible
GetKeyState
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
ValidateRect
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
ShowWindow
SetWindowsHookExA
gdi32
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
SetLayout
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CopyMetaFileA
CreateDCA
CreateFontIndirectA
RealizePalette
GetStockObject
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
GetUserNameA
RegQueryInfoKeyA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
ShellExecuteA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
SHGetDesktopFolder
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
UrlUnescapeA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA
PathFileExistsA
PathRemoveFileSpecW
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
OleRun
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoGetClassObject
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CoUninitialize
CoInitializeSecurity
CoInitialize
CoSetProxyBlanket
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysStringLen
VariantChangeType
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
VariantCopy
VarBstrFromDate
GetErrorInfo
LoadTypeLi
oledlg
ord8
wsock32
closesocket
connect
socket
ioctlsocket
htons
bind
netapi32
NetGetJoinInformation
NetApiBufferFree
activeds
ord3
ord7
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipDeleteGraphics
GdipGetImageHeight
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipFree
GdipBitmapUnlockBits
GdipDrawImageRectI
GdiplusStartup
wininet
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 355KB - Virtual size: 354KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ