d:\Visual Studio Projects\2005-03-24 - DMS Matrix I - JR DE\DMSTools\Debug\DMSTools.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742.exe
Resource: win10v2004-20240426-en
General
- Target: 5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742.exe
- Size: 6.3MB
- MD5: 02547f150d8ce1c7c0476ac592f53410
- SHA1: 9573e3108668c086805de3e282c69fbd057acd9f
- SHA256: 5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742
- SHA512: dc5b3c6a880eea0a820e89271d0167463fb1dc0c3ff9aef1cb41ac6da9e191409b55c44dcd055a3edf7e7d7c63c526a106506290a6cd153fc6e88bf6703d9dd0
- SSDEEP: 98304:rnz4G/Xf9EwjOzs90ZZTc8/3Lpkl8Eot0+SUdzdiYmgI0kVZxAsc:rMG/X2wj260LTxil8Ft0vu09ZxA
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Processes: resource 5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742.exe
Files
-
5e5cd95dc40c058467b3d909b7c538a7e113a5303fa58bcada1919c61239f742.exe.exe windows:4 windows x86 arch:x86
539cbd0679c865cc30aff3e1f453fb27
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
OutputDebugStringW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetModuleFileNameW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
WriteConsoleA
SetEnvironmentVariableA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
IsBadCodePtr
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetCurrentDirectoryA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapReAlloc
GetProcessHeap
HeapAlloc
HeapFree
SetConsoleCtrlHandler
FatalAppExitA
GetFileType
SetStdHandle
ExitThread
CreateThread
ExitProcess
TerminateProcess
GetDriveTypeA
FileTimeToLocalFileTime
GetCommandLineA
GetStartupInfoA
HeapValidate
RaiseException
OutputDebugStringA
GetStdHandle
DebugBreak
RtlUnwind
lstrcpyW
FileTimeToSystemTime
LocalLock
LocalUnlock
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GlobalFlags
FindNextFileA
VirtualProtect
GetProfileIntA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
PulseEvent
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
IsBadReadPtr
IsBadWritePtr
CopyFileA
GlobalSize
FormatMessageA
LocalFree
SetErrorMode
SetLastError
GetTickCount
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SetEvent
CloseHandle
lstrcmpA
GetModuleFileNameA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
FreeResource
LoadLibraryA
FreeLibrary
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetProcAddress
lstrcatA
GlobalGetAtomNameA
MulDiv
GlobalAddAtomA
GetLastError
GetCurrentDirectoryA
lstrcpynA
GetCurrentThreadId
CreateDirectoryA
Sleep
GlobalMemoryStatus
GlobalAlloc
GlobalLock
lstrcpyA
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObject
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
IsBadStringPtrA
OpenEventA
user32
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ClientToScreen
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
DragDetect
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetActiveWindow
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
RegisterClassA
SetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
GetWindowRect
IsChild
InvertRect
EndDeferWindowPos
DeferWindowPos
RedrawWindow
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetLastActivePopup
GetClassNameA
EqualRect
GetKeyState
GetDlgCtrlID
UnpackDDElParam
GetForegroundWindow
SendNotifyMessageA
SetWindowContextHelpId
GetWindowContextHelpId
GetSysColorBrush
MapDialogRect
PostThreadMessageA
CloseWindow
OpenIcon
SetMenuItemBitmaps
LoadBitmapA
ReuseDDElParam
WinHelpA
SetMenu
LoadIconA
LoadMenuA
DestroyMenu
GetActiveWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
PeekMessageA
PostMessageA
GetCapture
LoadAcceleratorsA
RegisterWindowMessageA
wsprintfA
GetParent
GetMenuItemCount
GetSubMenu
GetMenuItemID
AdjustWindowRectEx
GetClientRect
GetWindowLongA
SetWindowLongA
DefMDIChildProcA
GetMenu
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
SetCursor
ClipCursor
GetClassInfoA
LoadCursorA
SendMessageA
SetWindowTextA
GetMenuCheckMarkDimensions
TabbedTextOutA
GetKeyNameTextA
MapVirtualKeyA
SetRectEmpty
UnregisterClassA
SetRect
InflateRect
GetCursor
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
GetIconInfo
DrawIconEx
CreateIconIndirect
LoadImageA
DestroyCursor
MoveWindow
BeginDeferWindowPos
GetFocus
GetSystemMetrics
IsMenu
ScreenToClient
CharLowerW
CharLowerA
CharUpperW
CharUpperA
CloseClipboard
GetClipboardData
OpenClipboard
DrawIcon
CopyRect
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
DrawTextExA
GetTabbedTextExtentA
SetFocus
GetWindow
ReleaseCapture
EnumChildWindows
SetClipboardData
EmptyClipboard
SetWindowPos
ShowWindow
DefWindowProcA
SetWindowsHookExA
GetSysColor
CallNextHookEx
UnhookWindowsHookEx
GetCursorPos
GetDlgItem
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuState
GetMenuStringA
GetMenuItemInfoA
SetMenuItemInfoA
InsertMenuA
InsertMenuItemA
ModifyMenuA
RemoveMenu
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
PostQuitMessage
TranslateMessage
GetMessageA
RegisterClipboardFormatA
WaitMessage
CreateDialogIndirectParamA
EndDialog
PtInRect
MsgWaitForMultipleObjects
GetAsyncKeyState
GetClipboardFormatNameA
DestroyIcon
CharNextA
CopyAcceleratorTableA
MessageBeep
IsClipboardFormatAvailable
GetDialogBaseUnits
InSendMessage
GetWindowThreadProcessId
IsRectEmpty
IsWindow
gdi32
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetROP2
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
GetTextCharset
EnumFontFamiliesA
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
CopyMetaFileA
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
GetDeviceCaps
CreateCompatibleDC
CreateICA
CreateDCA
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetDIBits
GetObjectA
CreateDIBSection
SetDIBitsToDevice
GetStockObject
GetNearestPaletteIndex
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateFontA
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
GetColorAdjustment
DeleteMetaFile
StretchDIBits
AnimatePalette
comdlg32
PageSetupDlgA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ChooseColorA
ReplaceTextA
CommDlgExtendedError
PrintDlgA
FindTextA
winspool.drv
ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RevertToSelf
SetThreadToken
RegQueryInfoKeyA
OpenThreadToken
shell32
SHBrowseForFolderA
DragQueryPoint
DragQueryFileA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
ExtractIconA
SHGetFileInfoA
DragAcceptFiles
DragFinish
comctl32
ImageList_Create
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_SetOverlayImage
ImageList_DragLeave
ord8
ImageList_SetImageCount
ImageList_Copy
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_DrawEx
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ord14
ImageList_Write
ImageList_Read
ImageList_Merge
ImageList_DragEnter
ImageList_LoadImageA
ImageList_Destroy
ord13
ord17
ImageList_GetImageInfo
ImageList_GetBkColor
shlwapi
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
oledlg
ord3
ord7
ord6
ord5
ord9
ord4
ord8
ole32
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
CreateStreamOnHGlobal
StgIsStorageILockBytes
CreateItemMoniker
OleIsRunning
OleGetClipboard
OleRun
CreateFileMoniker
CreateGenericComposite
OleSave
OleLoad
GetClassFile
OleCreateLinkToFile
OleCreateFromFile
IsAccelerator
GetRunningObjectTable
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
DoDragDrop
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleCreate
OleTranslateAccelerator
oleaut32
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysAllocString
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayDestroy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SafeArrayGetElemsize
VariantClear
SafeArrayGetDim
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
SafeArrayAllocDescriptor
VarDateFromUdate
SysStringByteLen
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
SystemTimeToVariantTime
wsock32
WSAAsyncSelect
WSAGetLastError
getsockname
send
recv
closesocket
htonl
ioctlsocket
htons
accept
shutdown
listen
inet_ntoa
bind
getsockopt
setsockopt
select
getpeername
connect
sendto
recvfrom
socket
gethostname
gethostbyname
WSACleanup
WSAStartup
WSASetLastError
inet_addr
ntohs
iphlpapi
GetAdaptersInfo
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
winmm
PlaySoundA
avifil32
AVIStreamRead
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileOpenA
AVIFileInfoA
AVIFileRelease
AVIFileGetStream
AVIStreamInfoA
AVIStreamRelease
AVIStreamReadFormat
AVIStreamStart
AVIStreamLength
AVIFileExit
AVIFileInit
AVIStreamWrite
msvfw32
ICCompress
ICClose
ICDecompress
ICOpen
ICSendMessage
ICGetInfo
ICInfo
Sections
- .textbss Size: - Virtual size: 2.3MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .text Size: 4.8MB - Virtual size: 4.8MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 392KB - Virtual size: 389KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 368KB - Virtual size: 399KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .idata Size: 28KB - Virtual size: 27KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 776KB - Virtual size: 773KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ