F:\VCtest\Projects\InLineHookLib\Debug\WIN32MFCTEST.pdb
Static task: static1
Behavioral task: behavioral1, Sample: 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb.exe, Resource: win7-20240221-en
Behavioral task: behavioral2, Sample: 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb.exe, Resource: win10v2004-20240412-en
General
- Target: 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb
- Size: 3.4MB
- MD5: e738752edf53bdafb5d5039dd33d0811
- SHA1: d70686c6b7543785ff6c1afd36d32c0fa00cd8f3
- SHA256: 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb
- SHA512: 79e4ee1185a6ba8765de966a578c8c50f5de7c15871a65c32865ae9dd573b48f4d956983e371fe78a842a70bb518279a4451a2c2c5f6e87e87a4edeccf9bd288
- SSDEEP: 49152:7dIEmTtLUYMWFHQcfsabXc8l1Q5/YZvvt:CEm2irudYZ
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb
Files
- 4338cbf8322a3d4e0731e2e1ea1191b7e09554a40212543c2568688cb9b322eb.exe windows:6 windows x86 arch:x86
  eb94dd7ed768361cac59f19150ff6de0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
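The "Unsigned PE" signature and the Headers block above both come from the PE optional header. The script below is an added example, not part of the sandbox's tooling or of the sample: it walks the DOS header, NT signature, COFF header and optional header with the standard library only, decodes the file and DLL characteristics, and reports whether data directory 4 (the attribute certificate table that holds an Authenticode signature) is populated. The test image it builds is constructed here and is not the analysed file. Two caveats a practitioner should keep in mind: the certificate directory's first field is a file offset rather than an RVA, and an empty directory only proves there is no embedded signature, since a catalog-signed file carries none in the image either.

```python
"""Added example (not the report's own tooling): parse the PE headers behind the
"Unsigned PE" signature and the Headers block above. Only the stdlib is used, and
the test image is constructed here; it is not the analysed sample."""
import struct
import sys

IMAGE_DOS_SIGNATURE = 0x5A4D             # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550          # "PE\0\0"
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # attribute certificate table
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode PKCS#7 SignedData

FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
EXPECTED_MITIGATIONS = [0x0040, 0x0100, 0x4000]   # ASLR, DEP, CFG; HIGH_ENTROPY_VA added for PE32+


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data: bytes) -> dict:
    """Walk DOS -> NT signature -> COFF -> optional header; read the security directory."""
    if len(data) < 0x40 or struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, _, _, _, _, _, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                  # COFF file header is 20 bytes
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        rva_count_off, dirs_off = 92, 96
    elif magic == PE32PLUS_MAGIC:
        rva_count_off, dirs_off = 108, 112           # 64-bit ImageBase/stack/heap fields shift the tail
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    rva_count = struct.unpack_from("<I", data, opt + rva_count_off)[0]
    # Directory 4 is special: its first field is a FILE OFFSET, not an RVA, because the
    # certificate table sits after the last section and is never mapped into memory.
    sec_off = sec_size = 0
    if rva_count > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    has_sig = sec_size >= 8 and sec_off + sec_size <= len(data)   # WIN_CERTIFICATE header is 8 bytes
    cert_type = struct.unpack_from("<IHH", data, sec_off)[2] if has_sig else None
    expected = EXPECTED_MITIGATIONS + ([0x0020] if magic == PE32PLUS_MAGIC else [])
    return {
        "machine": machine,
        "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        "security_directory": (sec_off, sec_size),
        "has_embedded_signature": has_sig,
        "certificate_type": cert_type,
        "missing_mitigations": [DLL_CHARACTERISTICS[b] for b in expected if not dll_chars & b],
    }


def build_test_pe(dll_chars: int, with_signature: bool) -> bytes:
    """Header-only PE32 image, constructed as test input (not the real sample)."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt = bytearray(224)                             # PE32 optional header with 16 data directories
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<H", opt, 68, 2)               # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)              # NumberOfRvaAndSizes
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(opt), 0x0102)   # i386, EXE, 32-bit
    image = bytearray(dos + struct.pack("<I", IMAGE_NT_SIGNATURE) + coff + opt)
    if not with_signature:
        return bytes(image)
    # WIN_CERTIFICATE (dwLength, wRevision, wCertificateType) plus a zero-filled stand-in
    # for the PKCS#7 blob; a real table carries DER-encoded SignedData here.
    blob = bytes(24)
    cert = struct.pack("<IHH", 8 + len(blob), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + blob
    dir_off = e_lfanew + 4 + 20 + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    struct.pack_into("<II", image, dir_off, len(image), len(cert))
    return bytes(image) + cert


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_test_pe(0x8140, False)
    for key, value in inspect_pe(data).items():
        print(f"{key}: {value}")
```

Run it with a path argument to inspect a real file; without one it inspects a constructed image carrying the same three DLL-characteristics flags the report lists (0x8140), so the output shows DYNAMIC_BASE and NX_COMPAT set and GUARD_CF absent, which is what the Headers block above implies for this sample.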
PDB Paths
F:\VCtest\Projects\InLineHookLib\Debug\WIN32MFCTEST.pdb
Imports
kernel32
RaiseException
GetLastError
SetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetCommandLineW
GetFileAttributesA
CloseHandle
Sleep
OutputDebugStringW
LCMapStringW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameA
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
GetStdHandle
GetFileType
WriteConsoleW
ExitProcess
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetExitCodeProcess
CreateProcessA
CreateProcessW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
FindResourceExW
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetStringTypeExW
MoveFileW
lstrcmpiW
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GetThreadLocale
GetProfileIntW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateEventW
SetEvent
GetAtomNameW
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
GlobalGetAtomNameW
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetSystemDirectoryW
EncodePointer
GetThreadPriority
SetThreadPriority
CompareStringA
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThread
SetErrorMode
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
GetACP
MultiByteToWideChar
IsBadReadPtr
VirtualFreeEx
VirtualAllocEx
OpenProcess
Thread32Next
Thread32First
CreateToolhelp32Snapshot
WideCharToMultiByte
LoadLibraryW
LoadLibraryA
GetProcAddress
IsWow64Process
VirtualQuery
VirtualProtect
DecodePointer
VirtualFree
VirtualAlloc
GetTickCount
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
GetExitCodeThread
OpenThread
GetCurrentThreadId
CreateRemoteThread
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
WaitForSingleObject
HeapCreate
QueryDosDeviceW
SystemTimeToFileTime
FileTimeToSystemTime
WaitForMultipleObjects
GetModuleHandleW
SetSystemTime
TerminateThread
CreateThread
user32
LoadMenuW
DrawFrameControl
DrawEdge
GetCursorPos
TranslateMessage
GetMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
LoadMenuIndirectW
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
NotifyWinEvent
ArrangeIconicWindows
DlgDirSelectComboBoxExW
DlgDirListComboBoxW
DlgDirSelectExW
DlgDirListW
MapDialogRect
LoadIconW
LoadCursorW
GetLastActivePopup
GetTopWindow
FindWindowExW
FindWindowW
SetParent
DrawTextExW
ChildWindowFromPoint
GetMenuBarInfo
MapWindowPoints
ScreenToClient
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowContextHelpId
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
LockWindowUpdate
RedrawWindow
ValidateRgn
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDCEx
UnregisterClassW
GetDesktopWindow
GetWindowThreadProcessId
ReuseDDElParam
GetDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
DragDetect
GetSystemMenu
DrawMenuBar
HiliteMenuItem
EnableWindow
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
ModifyMenuW
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
GetMessageTime
DrawTextW
GetWindow
PeekMessageA
PostQuitMessage
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
UnregisterClassA
PeekMessageW
SendMessageW
SetFocus
SetScrollPos
GetScrollPos
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
DrawCaption
DrawAnimatedRects
SendNotifyMessageW
PostMessageW
PostThreadMessageW
IsWindow
IsChild
FlashWindow
ShowOwnedPopups
OpenIcon
CloseWindow
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetNextDlgGroupItem
GetNextDlgTabItem
OpenClipboard
GetClipboardOwner
SetClipboardViewer
GetClipboardViewer
GrayStringW
DrawStateW
TabbedTextOutW
GetTabbedTextExtentW
WindowFromDC
ExcludeUpdateRgn
ScrollDC
SetMenuContextHelpId
GetMenuContextHelpId
GetSysColorBrush
DrawFocusRect
FillRect
FrameRect
InvertRect
CheckMenuRadioItem
LoadBitmapW
GetMenuCheckMarkDimensions
CopyImage
SystemParametersInfoW
SetCursor
RealChildWindowFromPoint
LoadAcceleratorsW
DestroyMenu
GetSystemMetrics
InflateRect
CreateDialogIndirectParamW
EndDialog
IntersectRect
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
GetAsyncKeyState
ReleaseCapture
IsRectEmpty
GetKeyNameTextW
MapVirtualKeyW
SetRect
DestroyIcon
CharUpperW
TranslateAcceleratorW
ChildWindowFromPointEx
LoadImageW
ChangeClipboardChain
GetOpenClipboardWindow
GetActiveWindow
GetDialogBaseUnits
UnionRect
WindowFromPoint
gdi32
EnumFontFamiliesExW
IntersectClipRect
GetStockObject
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
SetTextColor
SetBkColor
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
AnimatePalette
Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateDiscardableBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectW
CreateFontW
CreateICW
CreatePalette
CreatePenIndirect
CreatePolyPolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DrawEscape
Ellipse
EnumObjects
EqualRgn
Escape
ExtEscape
ExtCreateRegion
ExtFloodFill
FillRgn
FloodFill
FrameRgn
GetROP2
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBitmapBits
GetBitmapDimensionEx
GetBoundsRect
GetBrushOrgEx
GetCharWidthW
GetCharWidthFloatW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetCurrentObject
GetFontData
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRegionData
GetRgnBox
GetStretchBltMode
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32W
GetFontLanguageInfo
GetCharacterPlacementW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
InvertRgn
MaskBlt
PlgBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PolyPolygon
PtInRegion
PtVisible
RectInRegion
RectVisible
Rectangle
ResetDCW
RealizePalette
RoundRect
ResizePalette
SetBitmapBits
SetBoundsRect
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
UpdateColors
PlayEnhMetaFile
GdiComment
GetTextMetricsW
AngleArc
PolyPolyline
GetWorldTransform
GetColorAdjustment
CreateHalftonePalette
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetPath
PathToRegion
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GetMiterLimit
GetArcDirection
TextOutW
ExtTextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetBitmapDimensionEx
SetBrushOrgEx
GetTextFaceW
GetKerningPairsW
UnrealizeObject
CloseMetaFile
CreateMetaFileW
CloseEnhMetaFile
CreateEnhMetaFileW
CreateDIBSection
StretchDIBits
LineTo
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
SystemFunction036
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
shell32
ShellExecuteW
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
DragQueryFileW
DragFinish
DragAcceptFiles
shlwapi
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
uxtheme
IsAppThemed
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
ole32
CoInitialize
CoCreateInstance
SetConvertStg
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoCreateGuid
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleRun
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
CoTreatAsClass
StringFromGUID2
OleRegGetUserType
PropVariantCopy
oleaut32
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString
VarDecFromStr
urlmon
URLDownloadToFileA
wininet
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA
DeleteUrlCacheEntryA
ws2_32
WSAGetLastError
WSACleanup
WSAStartup
gethostname
htons
inet_addr
gethostbyname
closesocket
connect
inet_ntoa
ntohl
recv
recvfrom
send
sendto
socket
setsockopt
htonl
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdiplusShutdown
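The kernel32 imports above contain several well-known API clusters: OpenProcess, VirtualAllocEx and CreateRemoteThread (remote-thread injection, but WriteProcessMemory is not in the list), OpenThread, SuspendThread, GetThreadContext, SetThreadContext and ResumeThread (thread-context hijacking), VirtualProtect and FlushInstructionCache (in-place code patching, which fits the InLineHookLib name in the PDB path), and URLDownloadToFileA next to CreateProcessA/W and ShellExecuteW (download and execute). The script below is an added example, not part of the report: it models each technique as a chain of slots, checks which chains the static import table completes, and flags that a chain missing one link can still be usable when GetProcAddress and a LoadLibrary/GetModuleHandle variant are imported, because the missing API can be resolved at run time. The chain definitions are the author's assumptions; the import excerpt is copied from the listing above with unrelated DLLs omitted.

```python
"""Added example (not from the report): capability triage over a static import table.
Techniques are modelled as slots; a slot is satisfied by any one of its alternatives
and a chain is complete when every slot is. The chain table is an assumption about
what each technique needs; the import excerpt is copied from the listing above."""
from dataclasses import dataclass, field

# Excerpt of the report's import table (DLLs irrelevant to the chains are omitted).
REPORT_IMPORTS = {
    "kernel32": [
        "OpenProcess", "VirtualAllocEx", "VirtualFreeEx", "CreateRemoteThread",
        "OpenThread", "CreateToolhelp32Snapshot", "Thread32First", "Thread32Next",
        "SuspendThread", "ResumeThread", "GetThreadContext", "SetThreadContext",
        "VirtualProtect", "VirtualQuery", "FlushInstructionCache",
        "LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetProcAddress",
        "CreateProcessA", "CreateProcessW", "IsDebuggerPresent", "SetSystemTime",
    ],
    "urlmon": ["URLDownloadToFileA"],
    "wininet": ["InternetOpenA", "InternetOpenUrlA", "InternetReadFile", "InternetCloseHandle"],
    "shell32": ["ShellExecuteW"],
}

# Assumed technique definitions: ordered slots, each a tuple of acceptable APIs.
CHAINS = {
    "remote-thread injection": [
        ("OpenProcess",), ("VirtualAllocEx",), ("WriteProcessMemory",), ("CreateRemoteThread",)],
    "thread-context hijacking": [
        ("OpenThread",), ("SuspendThread",), ("GetThreadContext",),
        ("SetThreadContext",), ("ResumeThread",)],
    "inline hook / code patching": [("VirtualProtect",), ("FlushInstructionCache",)],
    "download and execute": [
        ("URLDownloadToFileA", "InternetOpenUrlA"),
        ("CreateProcessA", "CreateProcessW", "ShellExecuteW", "WinExec")],
}
# With GetProcAddress and one of these, a missing link can be resolved at run time.
RESOLVERS = {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExW", "GetModuleHandleA", "GetModuleHandleW"}


@dataclass
class ChainResult:
    name: str
    matched: list = field(default_factory=list)   # one hit per satisfied slot
    missing: list = field(default_factory=list)   # first alternative of each unsatisfied slot
    resolvable_at_runtime: bool = False           # GetProcAddress + a module resolver imported

    @property
    def complete(self) -> bool:
        return not self.missing

    @property
    def verdict(self) -> str:
        if self.complete:
            return "complete"
        note = "; could be resolved dynamically" if self.resolvable_at_runtime else ""
        return f"incomplete (missing {', '.join(self.missing)}{note})"


def imported_apis(imports: dict) -> set:
    return {api for apis in imports.values() for api in apis}


def triage(imports: dict) -> dict:
    """Evaluate every chain in CHAINS against the flattened import table."""
    present = imported_apis(imports)
    dynamic = "GetProcAddress" in present and bool(present & RESOLVERS)
    results = {}
    for name, slots in CHAINS.items():
        res = ChainResult(name, resolvable_at_runtime=dynamic)
        for alternatives in slots:
            hit = next((api for api in alternatives if api in present), None)
            if hit:
                res.matched.append(hit)
            else:
                res.missing.append(alternatives[0])
        results[name] = res
    return results


if __name__ == "__main__":
    for res in triage(REPORT_IMPORTS).values():
        print(f"{res.name:30} {res.verdict}")
        print(f"{'':30} via {', '.join(res.matched)}")
```

Run stand-alone it reports the remote-thread chain as incomplete (WriteProcessMemory absent) with the dynamic-resolution caveat, and the other three chains as complete. The static table is evidence of capability, not of behaviour: confirming which chain actually runs is what the two behavioral tasks listed at the top of the report are for.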
Sections
Name      Size    Virtual size  Characteristics
.textbss  -       1.3MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.text     2.8MB   2.8MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata    478KB   477KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data     20KB    49KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata    23KB    22KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.tls      1024B   777B          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.00cfg    512B    260B          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc     24KB    23KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc    123KB   123KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ

Note: .textbss (no raw data, 1.3MB virtual, readable, writable and executable) is the section the MSVC linker reserves for incremental linking in Debug builds, which matches the Debug\ directory in the PDB path; it is a build artifact rather than a packer stub, but it does leave an RWX region in the mapped image.