f88aeb9e14ecee06423adce1f823cd1c3ec5f82a98b6a353822a4ece76ea8831

Sharing

Copy URL Twitter E-mail

General

Target

f88aeb9e14ecee06423adce1f823cd1c3ec5f82a98b6a353822a4ece76ea8831
Size

14.9MB
MD5

f82254c910c73e51d39db5765f0609f1
SHA1

ddf969748b8c10244f680d51d281cf09f8fba89e
SHA256

f88aeb9e14ecee06423adce1f823cd1c3ec5f82a98b6a353822a4ece76ea8831
SHA512

bb98981da9baba2dbffa13cdf64ac510d123cd9953c1ecf6dd60d4734368958c098209b4a5cd60983f272992059a1bbb294834395d12586e9cbfd1366a764eb7
SSDEEP

393216:6GGIh2r6JOV4FbvqxL85PEqQ4Un0QZ2jtJvZ6T:6F6JOV4Fbvq9Wcq60q2jNM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f88aeb9e14ecee06423adce1f823cd1c3ec5f82a98b6a353822a4ece76ea8831

Files

f88aeb9e14ecee06423adce1f823cd1c3ec5f82a98b6a353822a4ece76ea8831
.exe windows:5 windows x86 arch:x86

3246235e681e9447d9864bc4bb4f1331

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\mcu\new_duilib\Predator\Predator\Release_u\Predator.pdb

Imports

dbghelp

MiniDumpWriteDump

kernel32

OutputDebugStringW
GetProcessHeap
SetEndOfFile
CreateFileA
SetStdHandle
WriteConsoleW
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
FatalAppExitA
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
HeapSize
IsValidCodePage
Sleep
IsProcessorFeaturePresent
GetLocaleInfoW
lstrcpyW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MoveFileA
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
EncodePointer
InitializeCriticalSection
InterlockedExchange
GetLocalTime
GetOEMCP
lstrcpynW
FormatMessageW
LocalFree
OpenProcess
VerSetConditionMask
CloseHandle
GetCurrentProcess
GetStdHandle
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
VerifyVersionInfoW
WriteFile
SetFileTime
GetFileAttributesW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GlobalAlloc
ExitProcess
MulDiv
GetTickCount
GlobalLock
GlobalUnlock
SetCurrentDirectoryW
GetCurrentDirectoryW
GetACP
GetFileSize
ReadFile
WideCharToMultiByte
FreeResource
LockResource
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
DeleteFileW
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetTempPathW
lstrlenW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetSystemDefaultLangID
CreateThread
SetThreadPriority
LoadLibraryW
GetProcAddress
GetModuleHandleW
CopyFileW
SetUnhandledExceptionFilter

user32

SetForegroundWindow
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
GetCaretBlinkTime
CreatePopupMenu
AppendMenuW
EnableMenuItem
TrackPopupMenu
DestroyMenu
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowRgn
MonitorFromPoint
DrawTextW
SetRect
CharPrevW
FillRect
GetWindowTextW
GetWindowTextLengthW
GetClassInfoExW
RegisterClassW
GetMenu
AdjustWindowRectEx
SetPropW
GetPropW
CallWindowProcW
EnableWindow
wsprintfW
IsWindowEnabled
EqualRect
GetMessageW
TranslateMessage
DispatchMessageW
DrawTextA
wsprintfA
InvalidateRgn
ReleaseCapture
PostQuitMessage
SetCursorPos
ClientToScreen
MoveWindow
GetWindowRect
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
GetSystemMetrics
RegisterDeviceNotificationW
GetGUIThreadInfo
SetWindowTextW
MessageBoxW
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
SetFocus
GetActiveWindow
GetWindow
GetUpdateRect
IsWindowVisible
GetSysColor
MapWindowPoints
GetFocus
IsZoomed
GetCursorPos
LoadImageW
SetWindowRgn
IsIconic
ReleaseDC
UpdateLayeredWindow
GetDC
GetClientRect
KillTimer
SetTimer
SendMessageW
ShowWindow
GetParent
CharNextW
UpdateWindow
CreateWindowExW
EndDialog
LoadStringW
FindWindowW
EndPaint
BeginPaint
DialogBoxParamW
DestroyWindow
DefWindowProcW
RegisterClassExW
LoadCursorW
LoadIconW
SystemParametersInfoW
PtInRect
IntersectRect
OffsetRect
IsRectEmpty
SetCursor
SetCapture
InflateRect
UnionRect
GetKeyState
SetWindowLongW
GetWindowLongW
InvalidateRect
IsWindow
CreateAcceleratorTableW
PostMessageW
ScreenToClient

gdi32

DeleteDC
CreateDIBSection
CreateRectRgn
DeleteObject
Rectangle
RestoreDC
BitBlt
CreateRoundRectRgn
CreateSolidBrush
CreatePatternBrush
SetTextColor
SetBkMode
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectObject
StretchBlt
SetStretchBltMode
LineTo
MoveToEx
CreatePenIndirect
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
GetObjectA
GdiFlush
PtInRegion
GetBitmapBits
SetBitmapBits
GetTextExtentPointA
CreateCompatibleDC
CreateFontIndirectW
GetTextMetricsW
GetObjectW
GetStockObject
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
CreateDIBitmap
CreatePen
AddFontMemResourceEx
RemoveFontMemResourceEx
SetWindowOrgEx
CloseEnhMetaFile
CombineRgn
SaveDC
CreateEnhMetaFileW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW

shell32

DragQueryFileW
ShellExecuteW

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
DoDragDrop
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
OleInitialize
OleUninitialize
CoUninitialize

oleaut32

CreateErrorInfo
SysFreeString
VarUI4FromStr
SysAllocString
VariantClear
GetErrorInfo
VariantChangeType
SetErrorInfo
VariantInit

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

gdiplus

GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImageRectRect
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipCloneImage
GdipCreatePen2
GdipCreateBitmapFromScan0
GdipSetPenStartCap
GdipSetPenEndCap
GdipGetImageGraphicsContext
GdipDrawLine
GdipDrawImageI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawRectangleI
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipReleaseDC
ord1
GdipAddPathLine
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetPenMode
GdipCreateSolidFill
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesColorMatrix
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteFont
GdipDeletePath
GdipCreatePath
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipCreateMatrix

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

shlwapi

PathIsDirectoryW
PathFindFileNameW

ws2_32

WSAStartup
gethostname
gethostbyname

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.0MB - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3246235e681e9447d9864bc4bb4f1331

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dbghelp

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

imm32

shlwapi

ws2_32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 356KB - Virtual size: 356KB

.data Size: 13KB - Virtual size: 492KB

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 13.0MB - Virtual size: 13.0MB

.reloc Size: 151KB - Virtual size: 150KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 356KB - Virtual size: 356KB

.data
Size: 13KB - Virtual size: 492KB

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 13.0MB - Virtual size: 13.0MB

.reloc
Size: 151KB - Virtual size: 150KB