E:\myself\2017-09-11\MU900Demo_V11\MU900Demo_V20\Release\MSR600UDemo.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4.exe, Resource: win10v2004-20240508-en)
General
Target: a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4
Size: 2.3MB
MD5: e00bffd5211a965db319c8585931fb54
SHA1: 81221f789e6321748cc00fa74bfd91ee2baf86a7
SHA256: a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4
SHA512: 9b382236cde06a5f71c9ba192e5e169485018bd3a85291e0f0dccc19ee71c316452dcb56316b38da4c0feec4be7d36406bc135fd1638486dd71b52cf66b25921
SSDEEP: 49152:G4fFhUrk0EYYP5zExkjCVzEpYG8OkUaoMgD2+9w674AlDGkMV49:bffUk0EVAaZpYG8OkUaoN2+9wk4AlDGJ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4
Files
a14feb0ca89ed156d3ef10a4803b876d74691433ae19f5035c2ceba01c2c25d4.exe windows:5 windows x86 arch:x86
Import hash: 31ebe73108207321d046723a2d101167
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
GetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
IsValidCodePage
GetEnvironmentStringsW
SetEnvironmentVariableA
FreeEnvironmentStringsW
WriteConsoleW
ExitProcess
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
FindResourceExW
GetTempFileNameA
GetTempPathA
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetCurrentDirectoryA
FileTimeToSystemTime
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
SetThreadPriority
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
GetThreadLocale
GetVolumeInformationA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetVersionExA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GlobalFree
CompareStringA
MultiByteToWideChar
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
PurgeComm
ClearCommError
SetCommState
BuildCommDCBA
GetCommState
SetupComm
SetCommTimeouts
GetCommTimeouts
SetUnhandledExceptionFilter
WriteProcessMemory
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
SetThreadUILanguage
GetSystemDefaultLangID
OpenEventA
GetFileAttributesA
GlobalUnlock
GlobalLock
GlobalAlloc
SetEvent
lstrcmpiA
GetTickCount
ReadFile
CancelIo
WriteFile
ResetEvent
CreateEventA
CreateFileA
GetLastError
SetLastError
GetLocalTime
GetModuleFileNameA
Sleep
CloseHandle
WaitForSingleObject
ResumeThread
CreateThread
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
QueryPerformanceFrequency
CreateFileW
user32
CopyImage
RealChildWindowFromPoint
IntersectRect
EnumDisplayMonitors
LoadCursorA
GetSysColorBrush
SetLayeredWindowAttributes
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
ShowOwnedPopups
TranslateMessage
GetMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharUpperA
OffsetRect
SetRectEmpty
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetAsyncKeyState
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
GetWindowLongA
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetKeyboardLayout
ScrollWindow
ValidateRect
InvalidateRgn
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
EnableWindow
SendMessageA
SetDlgItemTextA
GetParent
GetClassNameA
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
TrackMouseEvent
IsZoomed
LoadMenuW
DeleteMenu
SetWindowRgn
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
CreateWindowExA
GetClassInfoExA
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
LoadImageW
WaitMessage
CharNextA
CallNextHookEx
CopyAcceleratorTableA
LoadAcceleratorsA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClientRect
PtInRect
SetCapture
InvalidateRect
ReleaseCapture
LoadCursorW
SetCursor
SetWindowLongA
GetDC
ReleaseDC
GetSysColor
RedrawWindow
KillTimer
SetTimer
UpdateWindow
MessageBoxA
LoadIconW
GetSystemMenu
AppendMenuA
RegisterDeviceNotificationA
IsIconic
GetSystemMetrics
DrawIcon
PostMessageA
UnregisterClassA
DrawStateA
FillRect
LoadBitmapW
IsWindow
GetKeyNameTextA
MapVirtualKeyA
CopyRect
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
CreateAcceleratorTableA
DestroyAcceleratorTable
SetCursorPos
SetParent
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
SetRect
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DrawFocusRect
EndPaint
DrawIconEx
BringWindowToTop
LockWindowUpdate
SetClassLongA
LoadImageA
RegisterClipboardFormatA
CharUpperBuffA
ModifyMenuA
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
PostThreadMessageA
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
SetScrollPos
gdi32
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateHatchBrush
EnumFontFamiliesA
GetTextCharsetInfo
GetTextMetricsA
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExA
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
DeleteDC
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA
GetObjectA
CreateDIBitmap
DeleteObject
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
DragQueryFileA
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
DragFinish
ShellExecuteA
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFileExistsA
StrFormatKBSizeA
uxtheme
IsAppThemed
GetThemePartSize
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
ole32
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleTranslateAccelerator
oleaut32
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantClear
VariantChangeType
SysFreeString
SysAllocStringByteLen
SysStringLen
LoadTypeLib
oledlg
ord8
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
setupapi
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
hid
HidD_GetHidGuid
HidD_GetPreparsedData
HidP_GetCaps
HidP_SetUsages
HidD_GetAttributes
dbghelp
MiniDumpWriteDump
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 348KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ