Static task: static1
Behavioral task: behavioral1
Sample: ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754.exe
Resource: win10v2004-20240426-en
General
- Target: ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754
- Size: 1.3MB
- MD5: 7a65d2c64a6556b3fb77afde19535863
- SHA1: af94c83b187deb369f5c9f9d71297961ddc30a53
- SHA256: ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754
- SHA512: eb0d2918755f6d0a3f7fedfc70f6826f5aff610102db9f5de63e0faeeb1201dbbb7714366432cff2769adccb5fa7587a8206c497b353ef9cb9af561f97b14d59
- SSDEEP: 24576:p66nE/u+4R0Ps6two+A2BkeEvgnKZxZOvwujOuORpd3hAIUGgxiMqqf:JnE/u+E96two+A2tShZxZW/OuORPh8
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754
Files
-
ab94d7dac919992b52128993d4a83bc7d6e2214e3e2564f69d86cd098addb754.exe windows:4 windows x86 arch:x86
ffc6965d835cd731c4656153c12111bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
softliz
ReadLicenseOEM
SoftlizGetString
SoftlizDlg
raptra30
RTTranslateString
RTPause
RTAddThread
RTStart
RTSwitchDialog
RTGetLanguageParams
RTAddMoreTra
RTTranslateMoreTra
RTStartMultiTra
RTSwitchLanguage
RTGetLanguageFileParams
RTEnd
ec6tool
PrintMan
FileExist
GetModulPfad
GetECFont
DestroyBubble
GetEinheitsFaktor
IFormatToString
SetDlgItemFloat
GetDlgItemFloat
StartProgram
DelWorkBox
MakeWorkBox
CenterDLG
DoCalcMatrix
DrawLine
MakeDblRect
RectInRect
StretchDibDC
rgb2cmyk2
cmyk2rgb
SetEinheit
RectToPolar
DrawEllipse
SetXorMode
DoMakeBezCircle
DrawBitmap2DC
CreateBubble
CallBrowser
StretchDibWnd
GetDiskSpaceMB
QueryShortDate
CallEditor
CallExplorer
ConvertDate2String
DateDifference
ConvertString2Date
GetActDate
ChkOverwriteFile
StringToIFormat
ShortenDCString
StrrDelSpaces
ShowBubbleRight
Round
RectInRect1
WRectInWRect
SetNormMode
LoadDLL
GetOSVersion
BlitBitmap
DefDlgInit
ShowBubble
HideBubble
SetFontToDialogbox
CalcArea
DrawRect
ec6ctrl
SetColorMode
GetColorMode
GetPalFromCtrl
GetColorBrush
DeleteColorBrush
ec6obj
NodeMan
ObjMan
EnvMan
TextMan
ec6job
GetInfoAsker
SaveJobCommonDlg
JobMan
LoadJobCommonDlg
JobKalkulation
PrintJobKalkulation
JobInfo
ec6lay
LayerMan
ecworkin
UserCanceled
ProgressingInvisible
ProgressExit
ProgressInit2
ecfilter
FilterMan
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
mfc42
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
memmove
localtime
_mbscmp
_getdrive
_getdcwd
floor
_itoa
strncmp
__mb_cur_max
_isctype
_pctype
realloc
swscanf
qsort
getenv
strcspn
atan
modf
strchr
_strdup
_strnicmp
fmod
atoi
toupper
sqrt
fabs
cos
atan2
sin
_ftol
wcslen
_CxxThrowException
_setmbcp
tan
atol
time
memcmp
_lrotl
__CxxFrameHandler
malloc
memset
free
abs
strcpy
strlen
strcmp
strcat
sprintf
calloc
atof
strstr
strncpy
_splitpath
_strupr
_stricmp
strrchr
memcpy
kernel32
DeleteFileA
GlobalFree
SetFilePointer
ReadFile
GlobalLock
GlobalUnlock
CreateFileA
CloseHandle
GlobalAlloc
GetSystemDirectoryA
GetVolumeInformationA
GetWindowsDirectoryA
GetPrivateProfileSectionA
GlobalHandle
lstrcpyA
GetLastError
InterlockedIncrement
InterlockedDecrement
CreateThread
OpenProcess
CreateProcessA
WaitForSingleObject
GetPrivateProfileIntA
lstrcatA
GetComputerNameA
LockResource
SizeofResource
LoadResource
FindResourceA
ExpandEnvironmentStringsA
GetCurrentProcessId
GetEnvironmentVariableA
GetModuleHandleA
SetErrorMode
SystemTimeToFileTime
GetLocalTime
GetVersion
LocalAlloc
LocalFree
DeviceIoControl
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
GetStartupInfoA
WriteFile
CopyFileA
GetTempFileNameA
GetTempPathA
FindClose
FindFirstFileA
CreateDirectoryA
GetSystemTime
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
GetModuleFileNameA
FreeResource
FreeLibrary
WritePrivateProfileStringA
GetPrivateProfileStringA
LoadLibraryA
GetProfileIntA
WideCharToMultiByte
MoveFileA
GetProcAddress
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentThreadId
GlobalSize
WinExec
FileTimeToSystemTime
MultiByteToWideChar
lstrlenA
FindNextFileA
Sleep
MulDiv
user32
DrawStateA
DrawFocusRect
TabbedTextOutA
GrayStringA
ClientToScreen
InvalidateRect
GetCapture
PtInRect
DrawMenuBar
GetMenuItemCount
CheckMenuItem
EnableMenuItem
ModifyMenuA
DeleteMenu
GetMenuItemID
GetMenuStringA
GetMenuItemInfoA
CloseClipboard
SetClipboardData
OpenClipboard
WinHelpA
DestroyIcon
GetAsyncKeyState
CheckRadioButton
IsIconic
SetWindowTextA
AppendMenuA
SetForegroundWindow
GetTopWindow
DestroyWindow
LoadBitmapA
TrackPopupMenu
UnhookWindowsHookEx
SetDlgItemInt
GetDlgItemInt
CallNextHookEx
SetWindowsHookExA
GetWindowTextA
DestroyMenu
CreatePopupMenu
RegisterClassExA
CreateWindowExA
DefWindowProcA
EndPaint
BeginPaint
RegisterWindowMessageA
wsprintfA
GetClassInfoA
SetRectEmpty
EnumChildWindows
GetWindow
SetCursorPos
GetCursor
ChildWindowFromPoint
GetClipboardData
IsClipboardFormatAvailable
CreateDialogParamA
GetTabbedTextExtentA
IsWindowEnabled
GetWindowTextLengthA
UpdateWindow
GetWindowDC
UnregisterClassA
InsertMenuA
DlgDirSelectExA
DlgDirListA
OffsetRect
RemovePropA
GetPropA
RemoveMenu
SetActiveWindow
PostQuitMessage
GetSysColorBrush
SetScrollInfo
GetScrollInfo
InvalidateRgn
ScrollDC
IsZoomed
SetMenuItemBitmaps
MessageBoxIndirectA
GetMenuState
PeekMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
CheckDlgButton
GetParent
IsDlgButtonChecked
GetFocus
DrawTextA
FillRect
CopyRect
InflateRect
FrameRect
ReleaseCapture
GetSystemMetrics
SetWindowPos
SendDlgItemMessageA
GetDlgItemTextA
EndDialog
SetDlgItemTextA
LoadStringA
MessageBeep
MessageBoxA
ScreenToClient
KillTimer
GetDC
ReleaseDC
DialogBoxParamA
GetClientRect
DestroyCursor
WindowFromPoint
IsWindow
SetFocus
SetCapture
SetTimer
CallWindowProcA
PostMessageA
IsDialogMessageA
IsChild
TranslateAcceleratorA
GetKeyState
FindWindowA
LoadMenuA
GetWindowRect
MoveWindow
GetDlgItem
SetClassLongA
LoadAcceleratorsA
RedrawWindow
GetMenu
GetSubMenu
GetSysColor
GetIconInfo
IsWindowVisible
SetPropA
GetUpdateRect
LockWindowUpdate
DrawIconEx
GetWindowLongA
SetWindowLongA
SetCursor
EnableWindow
SendMessageA
GetCursorPos
LoadImageA
LoadIconA
LoadCursorA
ShowWindow
gdi32
GetCharWidthA
SetBkColor
GetObjectA
GetTextMetricsA
GetTextExtentPoint32A
SetPolyFillMode
SelectClipRgn
GetBkColor
CreateFontIndirectA
Ellipse
CreateRectRgn
SetPixel
SetMapMode
SetTextColor
StartPage
CreateSolidBrush
EndPage
GetDIBits
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
BitBlt
RectVisible
PtVisible
SetROP2
CreateCompatibleDC
CreateCompatibleBitmap
SelectPalette
RealizePalette
Rectangle
SetDIBits
CreatePen
MoveToEx
LineTo
SetBkMode
DeleteDC
UnrealizeObject
DeleteObject
GetTextExtentPointA
SelectObject
PatBlt
GetStockObject
comdlg32
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
shell32
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFolderPathA
comctl32
ImageList_ReplaceIcon
ole32
CoUninitialize
CoInitialize
OleRun
CoCreateInstance
OleUninitialize
OleInitialize
oleaut32
VariantClear
GetErrorInfo
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreate
VariantInit
SysAllocString
SafeArrayDestroy
SysFreeString
SysStringLen
SafeArrayPutElement
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CONST Size: 4KB - Virtual size: 80B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EuroSys_ Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ