D:\Users\tangrongkang251\Desktop\PosCode\SPOS\bin\NetService.pdb
Static task
static1
Behavioral task
behavioral1
Sample
fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410.dll
Resource
win10v2004-20240412-en
General
Target: fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410
Size: 2.0MB
MD5: 0f37008ce0f4f36b83521dbff2be4174
SHA1: f08520a51799b9ff0866a797684024e8c46d5d56
SHA256: fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410
SHA512: e366e5b556e0abc1f4b7ad07f08fa6049e139ddf89ef3e15ecf5068aff2db49ea3f08bded0de60385493a734927c950ae94fc48b475b23365e3aeda43a9c11c9
SSDEEP: 49152:8LvJgDm9M9rWuWmwZVb8HXZUNlsLkEnTmBz0YhB2qBKC:8LviK9MpBwZVb8HXZU3sLkETmBz0SBU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410
Files
fd3c4c03a16a816dc0f46d9e974ebdf8b095442407e5b7273bfce2529ca92410.dll windows:6 windows x86 arch:x86
07652c953db513318209653c5b1f66b9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
libssl-1_1
SSL_shutdown
SSL_get_peer_certificate
SSL_read
SSL_CTX_free
SSL_get_error
SSL_connect
SSL_set_fd
OPENSSL_init_ssl
SSL_new
SSL_CTX_set_verify
TLSv1_2_client_method
SSL_CTX_new
SSL_write
SSL_free
libcrypto-1_1
X509_get_issuer_name
CRYPTO_free
X509_get_subject_name
X509_NAME_oneline
OPENSSL_init_crypto
X509_free
ws2_32
getaddrinfo
WSACleanup
WSAStartup
inet_ntop
socket
htons
connect
WSAGetLastError
closesocket
recv
send
kernel32
SetThreadPriority
ResumeThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAddAtomA
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
GlobalGetAtomNameA
FileTimeToSystemTime
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetModuleHandleA
LoadLibraryA
lstrcmpiA
GetVolumeInformationA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
EncodePointer
GetSystemDirectoryW
FindResourceA
GetCurrentDirectoryA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FreeResource
lstrcmpW
GlobalFindAtomA
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
Sleep
GetTempFileNameA
CompareStringA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
CreateFileW
GetFileType
GetTimeZoneInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
QueryPerformanceFrequency
ExitProcess
GetStdHandle
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetModuleFileNameW
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
CopyFileA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
GetCurrentProcessId
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
OutputDebugStringA
FormatMessageA
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
GetProcessHeap
DeleteCriticalSection
DecodePointer
user32
GetTopWindow
LoadIconA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
CheckDlgButton
SendDlgItemMessageA
IsDialogMessageA
DestroyIcon
DestroyMenu
GetMenuItemInfoA
InflateRect
IntersectRect
SetRectEmpty
OffsetRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
SetWindowLongA
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InvalidateRect
UpdateWindow
RealChildWindowFromPoint
GetWindow
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextA
GetDlgCtrlID
DeleteMenu
SystemParametersInfoA
CopyImage
GetClientRect
CharUpperA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
GetWindowTextLengthA
GetWindowTextA
UnhookWindowsHookEx
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetFocus
KillTimer
SetTimer
WaitMessage
PeekMessageA
DispatchMessageA
PostQuitMessage
PostMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetClassLongA
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
TranslateMDISysAccel
SetMenu
UnregisterClassA
EnableMenuItem
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindExtensionA
StrFormatKBSizeA
PathFindFileNameA
uxtheme
GetThemePartSize
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
wsock32
WSASetLastError
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipCreateBitmapFromStream
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImagePaletteSize
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
Escape
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
BitBlt
DeleteObject
CreateBitmap
GetDeviceCaps
CreateDCA
ExtFloodFill
SetPaletteEntries
ScaleWindowExtEx
GetTextFaceA
GetViewportOrgEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
GetWindowOrgEx
SetPixelV
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CopyMetaFileA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
shell32
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderA
SHGetFileInfoA
DragFinish
DragQueryFileA
ole32
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleCreateMenuDescriptor
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
oleaut32
SysFreeString
SysStringLen
SystemTimeToVariantTime
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
VariantInit
Exports
CreatServerConnectPtr
DeleteServerConnectPtr
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 342KB - Virtual size: 341KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 113KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE