Static task: static1
Behavioral task: behavioral1
  Sample: 3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829.exe
  Resource: win10v2004-20240508-en
General
Target: 3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829
Size: 2.4MB
MD5: 6acb0991b808fd815eb72f242aac3282
SHA1: 871801974dde965713134c875ec82b6a4b70bda7
SHA256: 3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829
SHA512: 9f47eed6dfc5585ae3791763a0022741b9c34ca035b683e02c4047a05be509b7ecff3726d438e63085bc9653e4c65376f54cf7d375fc0746552fff9018d33306
SSDEEP: 49152:bXbNbty4hqsbUtvtQqwhKwGMtq2DowoolYYLLHEbU8FtJiCl:7bNTo3QqOKwGMtq2M59YLLHRA
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829
Files
3bcd0955fb0a478c0a969b236b1dff6b1b1fff8b3066772548cb90e27af0d829.exe windows:6 windows x86 arch:x86
3f6033717f4b218064a84e9c4cb700dd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Program\ScanDev\Release\ScanDev.pdb
Imports
iphlpapi
FlushIpNetTable
AddIPAddress
DeleteIPAddress
GetIpAddrTable
kernel32
LoadLibraryExW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
QueryPerformanceFrequency
TryEnterCriticalSection
GetExitCodeThread
OutputDebugStringW
Sleep
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
GetLastError
MultiByteToWideChar
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
OutputDebugStringA
SetLastError
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadResource
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
FindResourceW
SizeofResource
GlobalAlloc
GlobalSize
LocalFree
MulDiv
FormatMessageW
CopyFileW
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
GetCurrentThread
GetVersionExW
lstrcmpA
CompareStringA
InitializeCriticalSectionAndSpinCount
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
GlobalFlags
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
DeleteFileW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
CreateFileW
GetFileAttributesW
GetFileSize
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
SearchPathW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
user32
PostThreadMessageW
ModifyMenuW
NotifyWinEvent
SetWindowRgn
GetSystemMenu
CharUpperW
TrackMouseEvent
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
IntersectRect
InsertMenuItemW
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
InvalidateRect
DeleteMenu
WindowFromPoint
ReleaseCapture
SetCapture
GetAsyncKeyState
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
KillTimer
SetTimer
ToUnicodeEx
SetRectEmpty
SendDlgItemMessageA
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
SetWindowContextHelpId
SystemParametersInfoW
OffsetRect
MessageBeep
IsZoomed
PostQuitMessage
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
UpdateLayeredWindow
EnableScrollBar
SetMenuDefaultItem
GetMenuStringW
GetMenuState
CopyIcon
GetMenuItemID
GetMenuItemCount
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
CharUpperBuffW
LockWindowUpdate
SetClassLongW
CharNextW
InvalidateRgn
SetRect
GetNextDlgGroupItem
MapWindowPoints
ScreenToClient
GetMenuDefaultItem
UnionRect
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
WaitMessage
InsertMenuW
AppendMenuW
RemoveMenu
ShowWindow
MoveWindow
SetWindowPos
SetDlgItemTextW
CheckDlgButton
GetDlgCtrlID
SetFocus
GetFocus
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
GetWindow
IsDialogMessageW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
GetParent
CreateWindowExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
MessageBoxW
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetIconInfo
HideCaret
EnableWindow
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
wsprintfW
GetWindowRect
UnregisterClassW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
GetSubMenu
InvertRect
gdi32
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
PtVisible
SetPixelV
GetTextFaceW
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
RoundRect
LPtoDP
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
EnumFontFamiliesExW
DPtoLP
SetRectRgn
GetMapMode
GetBkColor
GetTextColor
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetDIBits
CombineRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
CreateCompatibleDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
shell32
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHGetDesktopFolder
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
uxtheme
GetThemePartSize
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetWindowTheme
IsAppThemed
GetThemeColor
GetCurrentThemeName
ole32
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SafeArrayDestroy
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
ws2_32
setsockopt
WSASetLastError
WSACleanup
WSAStartup
inet_ntoa
gethostname
ntohl
recvfrom
htonl
sendto
select
socket
closesocket
htons
gethostbyname
ntohs
bind
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 350KB - Virtual size: 349KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ