63725db8fc2a579fcee7bf985c323022fc9e13b47758d49b3797ee6938ce7e78

Sharing

Copy URL Twitter E-mail

General

Target

63725db8fc2a579fcee7bf985c323022fc9e13b47758d49b3797ee6938ce7e78
Size

420KB
MD5

ccede59e0246bc93657cc257ba6a498f
SHA1

7d12fe7d74365ef8c6fbec3b64cf7f47e4e16ffd
SHA256

63725db8fc2a579fcee7bf985c323022fc9e13b47758d49b3797ee6938ce7e78
SHA512

bd9b596add12218f136014365e3690702733c4dd2d8902e8e110c3f3f58bc45a9ddd0e4c2e19fa9a8a12d0aa7e357ee2f0d469c8327c031f024c6c0cf1e6f2d3
SSDEEP

6144:E3+lFLt6eMp65WB24QBJ/uHB0c7/AvVtXOLWLMJMI3cPGdfA6f2y/UqfT3lzWJFN:E3+PLIeME4B24UZAB/OVAXJl/pB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63725db8fc2a579fcee7bf985c323022fc9e13b47758d49b3797ee6938ce7e78

Files

63725db8fc2a579fcee7bf985c323022fc9e13b47758d49b3797ee6938ce7e78
.exe windows:4 windows x86 arch:x86

5885c598fdb59103c3de5a1c336832df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\vs2003\StpChker\Source\ver_121\Release\StpChker.pdb

Imports

kernel32

TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetTimeZoneInformation
GetStdHandle
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetCurrentDirectoryA
SetEnvironmentVariableA
GetDriveTypeA
GetDateFormatA
GetTimeFormatA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
HeapFree
HeapSize
HeapAlloc
HeapReAlloc
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
lstrcpyA
FindNextFileA
InterlockedIncrement
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
GlobalGetAtomNameA
GlobalAddAtomA
lstrcatA
GetFileTime
GetFileSize
GetFileAttributesA
CreateFileA
SetFileTime
CloseHandle
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
GlobalAlloc
FormatMessageA
lstrcpynA
LocalFree
GetModuleFileNameA
GlobalLock
GlobalUnlock
MulDiv
GetCurrentDirectoryA
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter

user32

InvalidateRgn
CopyAcceleratorTableA
GetMenuItemInfoA
GetSysColorBrush
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowA
FillRect
GetDC
ReleaseDC
GetCursorPos
LoadCursorA
DestroyCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CharNextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
LockWindowUpdate
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
WinHelpA
SetFocus
EnableWindow
SendMessageA
GetSysColor
RedrawWindow
CharUpperA
SetRect
UpdateWindow
InflateRect
GetClientRect
IsWindowEnabled
GetLastActivePopup
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
LoadIconA
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InvalidateRect
GetDCEx
MessageBeep
GetNextDlgGroupItem
DeleteMenu
DestroyIcon
WindowFromPoint
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
PostMessageA
SetMenu
ShowWindow
GetDesktopWindow
GetWindow
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
SetParent
EndDeferWindowPos
GetWindowLongA
GetParent
MessageBoxA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
UnregisterClassA
DefFrameProcA
GetMenu
DefMDIChildProcA
DrawMenuBar
GetActiveWindow
BringWindowToTop
CreateWindowExA
TranslateMDISysAccel
TranslateAcceleratorA
IsWindow
SetWindowLongA
SetWindowPos
AdjustWindowRectEx
wsprintfA
TabbedTextOutA

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
OffsetViewportOrgEx
GetTextExtentPoint32A
StretchDIBits
GetCharWidthA
CreateFontA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
GetRgnBox
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
GetTextMetricsA
CreateSolidBrush
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
Ellipse
LPtoDP
CreateEllipticRgn
PatBlt
Rectangle
DPtoLP
GetViewportOrgEx
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCA
ResetDCA
GetDeviceCaps
CreateFontIndirectA
CreatePen
IntersectClipRect

comdlg32

GetFileTitleA
PrintDlgA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA

advapi32

GetFileSecurityA
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
SetFileSecurityA

shell32

SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragFinish
ExtractIconA
SHGetMalloc
DragQueryFileA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateILockBytesOnHGlobal

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5885c598fdb59103c3de5a1c336832df

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 292KB - Virtual size: 289KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 292KB - Virtual size: 289KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 32KB - Virtual size: 29KB