c5caabb75e97083b55f2308e155d1f316451ec3bd2d506f6f6a40c343503512c

Sharing

Copy URL Twitter E-mail

General

Target

c5caabb75e97083b55f2308e155d1f316451ec3bd2d506f6f6a40c343503512c
Size

228KB
MD5

504d0ab0c14936368f6c6d6e9b833748
SHA1

a99dc99d9f02cbec75e7065f8b2a2135a6a58b94
SHA256

c5caabb75e97083b55f2308e155d1f316451ec3bd2d506f6f6a40c343503512c
SHA512

f9b4a4aba8ade93a968c44e5da1a739b0d5aabaa6f078096cade1c36175b1dfa38e490171409e63d1d67bd723387da9594a33901170e6685fccc20f826176f93
SSDEEP

1536:XLvI6U5PdKealOaD1qOOdE2Ax1j8pDCLbmCmbnyOTlb99UBFDZ8My22aVkQLUlf6:vU5PUB9YnHpDCgnX0fDpJVdLUlfWiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5caabb75e97083b55f2308e155d1f316451ec3bd2d506f6f6a40c343503512c

Files

c5caabb75e97083b55f2308e155d1f316451ec3bd2d506f6f6a40c343503512c
.exe windows:4 windows x86 arch:x86

cfa3b34c1d942d53d28f785e210af0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\creature\MyProjects\OsIndependentAppSample\Debug\OsIndependentAppSample.pdb

Imports

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx

msimg32

AlphaBlend

winmm

timeEndPeriod
timeKillEvent
timeGetDevCaps
timeSetEvent
timeBeginPeriod
timeGetTime

ole32

CreateStreamOnHGlobal

gdiplus

GdipFree
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipDisposeImage
GdipCreateHICONFromBitmap
GdipCreateBitmapFromStream
GdipCloneImage

wininet

InternetGetLastResponseInfoW
InternetOpenUrlW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetQueryDataAvailable
InternetCloseHandle
InternetReadFile

d3dx9_43

D3DXMatrixPerspectiveFovLH
D3DXCreateTextureFromFileW

d3d9

Direct3DCreate9

kernel32

Sleep
InterlockedExchange
InterlockedCompareExchange
RaiseException
DebugBreak
IsDebuggerPresent
lstrlenA
GetProcAddress
LoadLibraryA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
VirtualQuery
GetStartupInfoW
CloseHandle
FlushFileBuffers
WriteFile
HeapFree
HeapSize
HeapAlloc
GetProcessHeap
IsBadReadPtr
ReadFile
GetFileSize
CreateFileW
lstrlenW
GetLastError
MultiByteToWideChar
GetModuleHandleW
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesW
LocalFree
FormatMessageW
GetModuleFileNameW
SetFilePointer
LocalAlloc
GetFileSizeEx
SetFilePointerEx
MulDiv
GlobalFree
GlobalAlloc
GetTickCount
FindClose
FindNextFileW
CompareStringW
FindFirstFileW
GlobalUnlock
GlobalLock
SizeofResource
LockResource
LoadResource
FindResourceW
lstrcmpW
CompareStringA
WideCharToMultiByte
GetLocaleInfoW
WriteConsoleW
GetStdHandle
FreeLibrary

user32

EnableWindow
MessageBoxW
BringWindowToTop
GetKeyState
MoveWindow
GetDesktopWindow
GetDlgItem
SetWindowTextW
CreateDialogParamW
EndDialog
GetClientRect
GetDlgItemTextW
IsWindow
GetWindow
EndPaint
GetWindowDC
ClientToScreen
LoadImageW
GetMenu
RegisterClassW
DefMDIChildProcW
DefFrameProcW
GetMessageW
ShowWindow
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetMenu
SendMessageW
CharLowerW
DrawEdge
DrawTextExW
FillRect
ValidateRect
GetCursor
GetWindowRect
GetSysColorBrush
SetScrollInfo
SetCursor
GetWindowPlacement
DestroyWindow
CreateWindowExW
SetWindowLongW
RegisterClassExW
GetWindowLongW
PostQuitMessage
DefWindowProcW
GetSystemMetrics
LoadCursorW
GetMenuItemInfoW
SetMenuItemInfoW
GetCursorPos
SetFocus
SetForegroundWindow
TrackPopupMenuEx
LoadIconW
LoadMenuW
DestroyIcon
GetSubMenu
DestroyMenu
GetDC
ReleaseDC
BeginPaint
GetSysColor
TranslateMDISysAccel

gdi32

StretchDIBits
DeleteObject
SetBkMode
SelectClipRgn
CreateRectRgn
SelectObject
GetObjectW
DeleteDC
GetTextMetricsW
CreateCompatibleDC
GetStockObject
GetDeviceCaps
TextOutW
SetTextColor
CreateFontIndirectW

shell32

Shell_NotifyIconW
ExtractIconW

oleaut32

OleLoadPicturePath
OleLoadPicture
OleCreatePictureIndirect

msvcr80d

__wgetmainargs
_amsg_exit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
_CRT_RTC_INITW
asin
acos
tan
atan
sqrt
_snprintf_s
sprintf_s
_gcvt_s
_wtof
malloc
_exit
free
rand_s
srand
rand
_wcslwr_s
strlen
_wcsncoll
strcoll
wcscoll
memmove
_vsnwprintf_s
memcpy
sin
cos
swprintf_s
memset
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_cexit
exit
_wcmdln
_CrtSetCheckCount
_CrtDbgReportW
_initterm
wcscmp
_initterm_e
_crt_debugger_hook
_except_handler4_common
_controlfp_s
_invoke_watson
_XcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ

Sections

.textbss
Size: - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfa3b34c1d942d53d28f785e210af0f2

Headers

File Characteristics

PDB Paths

Imports

comctl32

msimg32

winmm

ole32

gdiplus

wininet

d3dx9_43

d3d9

kernel32

user32

gdi32

shell32

oleaut32

msvcr80d

Sections

.textbss Size: - Virtual size: 79KB

.text Size: 184KB - Virtual size: 181KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 2KB

.idata Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 79KB

.text
Size: 184KB - Virtual size: 181KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 2KB

.idata
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB