PDB path: D:\Download\Download_Trunk\Win\ResearchDownload\Source\DLoader\ResearchDownload_Release\ResearchDownload.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448.exe
  Resource: win10v2004-20240426-en
General
- Target: 2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448
- Size: 4.6MB
- MD5: e765810b0759bf425ea9f48f2d10caf7
- SHA1: 2f5ec66db1f0934d3b531a19557e7489bee1bec3
- SHA256: 2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448
- SHA512: 8573d4efcc4842a87ef65f61fc0ea4790bd842d2c1ca914976b9bbafb7c9ae2f4e4aaef9190b6b414bbd6c86c377ca7aa39a8e20a1ea54b93e085bc717f5e5fd
- SSDEEP: 98304:fWCPwmFPJuvsg4e2VbrjPYwtkzyHfuvKKU3/OpZbS:OCrq4eIxHfuvHwOpZbS
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448
Files
-
2d4bdf08b5a52848ba8b2f9482d3afa245cc025c18d7e05aa93373c7e4ce3448.exe windows:6 windows x86 arch:x86
3d8d782c3c6d19c02cdfebefdbab0ee3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
processflow
WriteDataToFlow
DisconnectDB
ConnectDB
ExitProcessFlow
CheckProcessEnable
InitProcessFlow
unisoc_solution_mes
MES_V2_GetCurrentSeqFileInfo
MES_V2_SendTestEnvironment
MES_V2_SendDatabase
MES_Handle_Create
MES_Handle_Release
MES_New_Guid
MES_Get_Host_MAC
MES_Get_Host_IP
MES_Get_Host_PCName
MES_Get_Host_Os
MES_GetLastError
MES_Login
MES_CheckFlow
MES_SendTestResult
MES_SnInput
MES_V2_SendTestToolInfo
porthound
ReleaseDevHound
CreateDevHound
secbinpack9
CreateSecPacParse
liveupdatesdll
CheckToolVerUpdate
wininet
InternetGetConnectedState
dlframe
CreateDLObj
kernel32
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetAtomNameW
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceExW
GetFileAttributesExW
LocalFileTimeToFileTime
SetErrorMode
GetWindowsDirectoryW
VerSetConditionMask
GetThreadLocale
GetProfileIntW
SearchPathW
LocalLock
LocalUnlock
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStringTypeExW
MoveFileW
TlsSetValue
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetUserDefaultLCID
SystemTimeToFileTime
VirtualAlloc
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetDiskFreeSpaceW
CompareStringA
GetCurrentThread
lstrcmpA
GetVersionExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
ResumeThread
SuspendThread
SetThreadPriority
VirtualProtect
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
lstrcmpiW
OutputDebugStringW
SwitchToThread
LCMapStringW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetCommandLineA
GetCommandLineW
ExitProcess
GetModuleHandleExW
FindFirstFileExW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
FreeResource
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetComputerNameExW
lstrcpynW
lstrlenW
lstrcatW
lstrcpyW
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
GetSystemInfo
RaiseException
DecodePointer
RemoveDirectoryW
GlobalGetAtomNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
QueryDosDeviceW
CreateNamedPipeW
ConnectNamedPipe
FlushFileBuffers
IsBadWritePtr
IsBadReadPtr
lstrlenA
GetFileTime
UnmapViewOfFile
GetSystemDirectoryW
GetLocalTime
Sleep
CreateEventW
ResetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetTempPathW
WriteFile
SetFilePointer
ReadFile
GetFileSizeEx
GetFileSize
FindNextFileW
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
FindFirstFileW
FindClose
SetEvent
LoadLibraryW
GetProcAddress
GetModuleFileNameW
FreeLibrary
GetLastError
WritePrivateProfileStringW
SetFileAttributesW
GetFileAttributesW
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceW
SizeofResource
LockResource
LoadResource
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetPrivateProfileStringA
GetPrivateProfileIntA
OpenMutexA
GetModuleFileNameA
GetTickCount
CreateProcessW
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
GetDriveTypeW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
SetCurrentDirectoryW
VerifyVersionInfoW
WriteConsoleW
user32
DrawEdge
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
SetParent
DeleteMenu
TrackMouseEvent
CopyImage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
GetDialogBaseUnits
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
DestroyIcon
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
CharUpperW
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
IntersectRect
GetMessageW
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
GetAsyncKeyState
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
SendDlgItemMessageA
GetWindowThreadProcessId
LoadMenuW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
CopyIcon
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GetDCEx
LockWindowUpdate
RegisterClipboardFormatW
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
GrayStringW
DrawTextExW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetDesktopWindow
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcW
DrawIcon
PtInRect
OffsetRect
DrawFocusRect
MapWindowPoints
ScreenToClient
GetSystemMetrics
ReleaseCapture
SetCapture
GetCapture
GetMessagePos
DrawFrameControl
UnregisterClassW
GetWindow
GetClassNameW
ReleaseDC
GetDC
LoadImageW
IsRectEmpty
FrameRect
EnumWindows
GetWindowTextW
EnableMenuItem
GetWindowRgn
GetSystemMenu
PeekMessageW
GetKeyState
MessageBeep
SetRect
GetCaretPos
keybd_event
InflateRect
KillTimer
SetTimer
IsWindow
UpdateWindow
PostMessageW
GetFocus
FillRect
CopyRect
IsZoomed
LoadBitmapW
GetClientRect
DrawTextW
DispatchMessageW
TranslateMessage
GetParent
GetWindowRect
LoadIconW
GetSysColor
InvalidateRect
EnableWindow
SendMessageW
SetCursorPos
DestroyCursor
WindowFromDC
CreateMenu
InSendMessage
GetTabbedTextExtentW
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
RedrawWindow
DefMDIChildProcW
GetCursorPos
gdi32
GetTextExtentPoint32W
PolyBezierTo
PolylineTo
SetTextColor
SetBkMode
DeleteObject
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetGraphicsMode
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetBkColor
GetCharWidthW
StretchDIBits
EnumFontFamiliesExW
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetDIBColorTable
GetTextColor
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
SetMapperFlags
SetBkColor
SelectPalette
CreateCompatibleBitmap
GetObjectW
TextOutW
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
CreateFontIndirectW
CreateCompatibleDC
BitBlt
SelectObject
GetStockObject
CreateSolidBrush
CreateFontW
SetROP2
SetPolyFillMode
GetLayout
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
CreateEllipticRgn
SetMapMode
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateDIBSection
ExtTextOutW
Rectangle
CreatePen
GetTextMetricsW
DeleteDC
SetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetJobW
advapi32
SetFileSecurityW
CryptReleaseContext
CryptGenRandom
RegCloseKey
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumValueW
CryptAcquireContextW
GetFileSecurityW
shell32
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHAddToRecentDocs
ExtractIconW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteExW
ShellExecuteW
comctl32
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
ImageList_DrawEx
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
shlwapi
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathFileExistsA
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
DrawThemeParentBackground
DrawThemeText
GetThemePartSize
DrawThemeBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
CloseThemeData
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
OpenThemeData
ole32
CoTreatAsClass
WriteClassStg
OleRegEnumVerbs
CreateBindCtx
WriteFmtUserTypeStg
ReadFmtUserTypeStg
OleDuplicateData
ReleaseStgMedium
OleRegGetUserType
SetConvertStg
CoInitializeEx
CoCreateInstance
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
StringFromGUID2
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleRun
CoFreeUnusedLibraries
OleSetClipboard
OleFlushClipboard
CoLockObjectExternal
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
OleRegGetMiscStatus
RegisterDragDrop
RevokeDragDrop
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
WriteClassStm
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
oleaut32
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarDecFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
OleCreateFontIndirect
VarCyFromStr
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayUnaccessData
SafeArrayGetElement
SysFreeString
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetUBound
oledlg
OleUIBusyW
config
Config_GetInstance
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
- .text  Size: 3.0MB - Virtual size: 3.0MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 814KB - Virtual size: 813KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 41KB - Virtual size: 64KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 755KB - Virtual size: 754KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .rmnet  Size: 56KB - Virtual size: 60KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE