D:\a\client\client\client\Build\Output\SetupWrapper\SetupWrapper.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4.exe
Resource: win10v2004-20240508-en
General
Target: 3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4
Size: 2.7MB
MD5: 02d6b8365f58327c03c515eb0c1d60ff
SHA1: db835ab8ac65b183423dc1c0cf820c3e8816379c
SHA256: 3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4
SHA512: ff39f70010ccdd2a4a5e10369cc2476b4d270f891bd3f0f8b5afacd8cce0a2ffc8db59c410fa8fec012136484aca70cc0a849bc70f97500bb8ec403ba7002182
SSDEEP: 49152:3Yv8iRVdczBQhbUVztaugcWMAcjPP2WvtniHrHwva4AtszNI:3YkiRr+BQl6augdpcjPP2WVniHrHMK0
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4
Files
3b8d306772b90b8d32a2eb7b500cfbff35231fe04c519ad01e6d30f0e191afd4.exe windows:6 windows x86 arch:x86
0e4ca225f5e35a01ca2f7e36824772f2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetReadFile
InternetOpenW
InternetOpenUrlW
InternetCloseHandle
advapi32
RegEnumKeyExW
RegQueryValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegEnumValueW
RegOpenKeyW
RegCreateKeyW
RegOpenKeyExW
OpenProcessToken
RegSetValueExW
SetNamedSecurityInfoW
CreateWellKnownSid
SetEntriesInAclW
RegEnumKeyW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
kernel32
IsDebuggerPresent
GetStartupInfoW
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetLocalTime
SetUnhandledExceptionFilter
GetCommandLineA
RtlUnwind
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceFrequency
LCMapStringEx
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
RaiseException
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SystemTimeToTzSpecificLocalTime
TerminateProcess
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
Sleep
GetProfileIntW
GetTickCount64
SearchPathW
GetWindowsDirectoryW
lstrcmpiW
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FileTimeToSystemTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
GetCurrentProcessId
FormatMessageW
GlobalSize
GlobalAlloc
GlobalFree
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
MulDiv
GlobalLock
GlobalUnlock
GetPrivateProfileStringW
GetVersionExW
GetModuleFileNameW
WideCharToMultiByte
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetFileAttributesW
SetFilePointer
SetFileTime
WriteFile
CreateDirectoryW
GetTempFileNameW
CreateThread
LoadLibraryW
OutputDebugStringW
GetTempPathW
GetExitCodeProcess
CopyFileW
GetModuleHandleW
CreateProcessW
LocalFree
GetProcAddress
FindResourceExW
CloseHandle
DeleteFileW
MultiByteToWideChar
DuplicateHandle
CreateFileW
LocalAlloc
WaitForSingleObject
FindClose
GetEnvironmentVariableW
CreatePipe
SetEnvironmentVariableW
DeviceIoControl
GetCurrentProcess
FindNextFileW
FindFirstFileW
ReadFile
OutputDebugStringA
InitializeCriticalSectionEx
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
HeapReAlloc
LockResource
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
WriteConsoleW
SizeofResource
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineW
user32
MapDialogRect
GetAsyncKeyState
CopyImage
GetMenuItemInfoW
DestroyMenu
EnumDisplayMonitors
LoadCursorW
GetSysColorBrush
SetLayeredWindowAttributes
RealChildWindowFromPoint
LoadMenuW
MapVirtualKeyW
GetKeyNameTextW
SetRectEmpty
SendDlgItemMessageA
SystemParametersInfoW
OffsetRect
MessageBeep
IsZoomed
SetCursor
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageW
IntersectRect
InflateRect
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetCursorPos
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
CharUpperW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
CloseClipboard
GetPropW
SetPropW
SetClipboardData
EmptyClipboard
ModifyMenuW
IsRectEmpty
EnableWindow
IsIconic
PtInRect
GetClientRect
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
WaitMessage
DestroyIcon
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
LoadImageW
UnpackDDElParam
ReuseDDElParam
OpenClipboard
SetParent
SetCapture
ShowScrollBar
GetScrollRange
ReleaseCapture
GetSystemMenu
DeleteMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
LoadIconW
LoadBitmapW
DrawIcon
UnregisterClassW
GetSystemMetrics
SendMessageW
ScreenToClient
InvalidateRect
TrackMouseEvent
MessageBoxW
SendMessageTimeoutW
KillTimer
SetTimer
wsprintfW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
GetSysColor
FillRect
DrawStateW
UpdateWindow
ToUnicodeEx
GetClassNameW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
PostThreadMessageW
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
SetCursorPos
SetRect
CharUpperBuffW
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetUpdateRect
SubtractRect
MapVirtualKeyExW
RemovePropW
IsCharLowerW
gdi32
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
BitBlt
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetTextExtentPoint32W
CreateRoundRectRgn
CreateDIBSection
GetDIBits
RealizePalette
SetPixel
SetDIBColorTable
GetRgnBox
OffsetRgn
GetTextColor
CreateEllipticRgn
Ellipse
GetBkColor
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
ScaleViewportExtEx
SelectObject
CreateCompatibleDC
PatBlt
StretchBlt
CreateFontW
GetDeviceCaps
DeleteDC
GetStockObject
GetObjectW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteExW
SHGetFolderPathA
ShellExecuteW
SHFileOperationW
SHGetFolderPathW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
shlwapi
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathIsRelativeW
PathFileExistsW
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
SetWindowTheme
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
ole32
RevokeDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleGetClipboard
CoInitializeEx
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
RegisterDragDrop
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantClear
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipBitmapUnlockBits
GdipGetImageWidth
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipDrawImageI
GdiplusStartup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 386KB - Virtual size: 386KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 493KB - Virtual size: 492KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ