16a810e0023c92cb2f6014bbee124886e472b6e2d51e1764a6ddca7316070041

Sharing

Copy URL Twitter E-mail

General

Target

16a810e0023c92cb2f6014bbee124886e472b6e2d51e1764a6ddca7316070041
Size

1.9MB
MD5

899f9bb7eeaa2a3643a1581e006e2b50
SHA1

e61ff239ccd4c00f78a7c6aa7321ad29f7a3c9e7
SHA256

16a810e0023c92cb2f6014bbee124886e472b6e2d51e1764a6ddca7316070041
SHA512

f523c32d370881e1a0ab5f3046c325b1e64da0074575cbf4b6ddc94541c18ea3c5406d0a2063a1938acf7491131cbb4edb447dcb662196df9fe5363496694846
SSDEEP

49152:iAVLO313ljZchYp3K9kFH1lYyT+0mAJmrXLcZNXaI9/yenHHC9U:iiLU3dZcep3vFXYyT+WSQZNXaqnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a810e0023c92cb2f6014bbee124886e472b6e2d51e1764a6ddca7316070041

Files

16a810e0023c92cb2f6014bbee124886e472b6e2d51e1764a6ddca7316070041
.dll windows:5 windows x86 arch:x86

b8d6959e09312a703ebaf325a97b0794

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Home\CeiApp\CappeSDKv20\CP3APIv20\Release\TwainCtrl.pdb

Imports

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

kernel32

CreateThread
ExitThread
HeapQueryInformation
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsValidCodePage
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
IsValidLocale
EnumSystemLocalesW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetProcAddress
GetModuleHandleA
VirtualQuery
CreateToolhelp32Snapshot
GetCurrentProcessId
RtlUnwind
Module32First
Module32Next
CloseHandle
lstrcmpiA
VirtualProtect
GetModuleHandleExW
GetCurrentProcess
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
lstrcatA
lstrlenA
lstrcpynA
GetModuleFileNameA
GetSystemWindowsDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetLastError
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceA
FreeResource
GetUserDefaultLangID
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetCommandLineA
FindResourceExW
GetUserDefaultLCID
Sleep
GetProfileIntA
GetTickCount
SearchPathA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetCPInfo
ExitProcess
VirtualAlloc
WriteProcessMemory
GetSystemInfo
RaiseException
HeapSize
DecodePointer
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
VerifyVersionInfoA
VerSetConditionMask
GlobalFlags
GetACP
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SuspendThread
SetThreadPriority
GetVersionExA
GetCurrentThread
FileTimeToSystemTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVolumeInformationA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
CreateFileA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
CreateEventA
CreateMutexA
ReleaseMutex
MultiByteToWideChar
CopyFileA
FormatMessageA
GetCurrentThreadId
MulDiv
GlobalSize
GetSystemWow64DirectoryA
LoadLibraryA
FreeLibrary
OpenEventA
LocalFree
SetEvent
ResumeThread
WaitForSingleObject
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
CreateDirectoryA
lstrcpyA
lstrcmpA

user32

CharUpperBuffA
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongA
LockWindowUpdate
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
SetParent
MapVirtualKeyA
GetKeyNameTextA
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
IsRectEmpty
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
WindowFromPoint
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
LoadMenuW
KillTimer
SetTimer
SetCapture
GetAsyncKeyState
IsZoomed
TrackMouseEvent
CopyImage
InflateRect
GetMenuItemInfoA
EnumDisplayMonitors
SystemParametersInfoA
LoadCursorW
SetLayeredWindowAttributes
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
OffsetRect
IntersectRect
SetRectEmpty
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
ReleaseCapture
BringWindowToTop
IsIconic
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
PostQuitMessage
GetSystemMetrics
CharUpperA
GetCursorPos
DrawIcon
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowThreadProcessId
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetWindowRgn
GetComboBoxInfo
MapDialogRect
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
WaitMessage
PostThreadMessageA
FrameRect
CopyIcon
ClientToScreen
ModifyMenuA
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
FillRect
GetClientRect
InvalidateRect
UpdateWindow
DrawStateA
GetParent
GetDesktopWindow
GetWindowLongA
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
EnumWindows
SetForegroundWindow
GetWindowTextA
IsWindowVisible
PostMessageA
CallNextHookEx
SetWindowPos
GetClassNameA
UnhookWindowsHookEx
SetWindowsHookExA
UnregisterClassA
LoadStringA
SetActiveWindow
GetActiveWindow
IsWindowEnabled
SendMessageA
EnableWindow
CharPrevA
LoadAcceleratorsA

gdi32

CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
CreatePatternBrush
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
CombineRgn
PatBlt
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceA
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCA
CreateDIBitmap
DeleteDC
CopyMetaFileA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA

shell32

SHBrowseForFolderA
SHGetFolderPathA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
SHAppBarMessage
SHGetSpecialFolderPathA

shlwapi

PathAppendA
PathRemoveFileSpecA
StrStrIA
PathFileExistsA
PathFindFileNameA
PathAddExtensionA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
PathRemoveFileSpecW

uxtheme

GetThemePartSize
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
DrawThemeBackground
GetWindowTheme
GetThemeSysColor

ole32

CoInitializeEx
CreateStreamOnHGlobal
DoDragDrop
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
OleLockRunning
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
VariantChangeType

gdiplus

GdipGetImageHeight
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdiplusShutdown
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc

imagehlp

ImageDirectoryEntryToData

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

Create

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8d6959e09312a703ebaf325a97b0794

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wtsapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

imagehlp

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 327KB - Virtual size: 327KB

.data Size: 26KB - Virtual size: 56KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 121KB - Virtual size: 120KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 327KB - Virtual size: 327KB

.data
Size: 26KB - Virtual size: 56KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 121KB - Virtual size: 120KB