97ad282e710a537d38ce4f4da750ab1e6127dd9ded631088ee4384f570782871

Sharing

Copy URL Twitter E-mail

General

Target

97ad282e710a537d38ce4f4da750ab1e6127dd9ded631088ee4384f570782871
Size

6.0MB
MD5

001fec2ffaef4f679cac29702136c522
SHA1

93cab34d6150cb9a2e9004a90b7793a24c5fa9b7
SHA256

97ad282e710a537d38ce4f4da750ab1e6127dd9ded631088ee4384f570782871
SHA512

522ed2f2d315ada7af3bcb1d01583def64cf65c0af13aa14ca2fdf54524d866b54e3607af18ec769e3419daa13b98a2a5b99221e4684071e3754273a128aaa07
SSDEEP

98304:DVlgIRIagodgNlTzu8UZ8gFVFZV2f/QhKLJSrpguMXszq7NhgjGT+PLlIFLOAkGj:DfgIRCZ9u8A+TLUrpguMXs3GTWLGFLOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97ad282e710a537d38ce4f4da750ab1e6127dd9ded631088ee4384f570782871

Files

97ad282e710a537d38ce4f4da750ab1e6127dd9ded631088ee4384f570782871
.exe windows:5 windows x86 arch:x86

12f4d7e948327f2f414867adecff36b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\GitLab\CodeTest\C++\AXNInstaller\Release\AXNInstaller.pdb

Imports

winmm

PlaySoundW

kernel32

WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
CreateDirectoryW
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
ReadConsoleW
GetACP
ExitProcess
SetConsoleMode
ReadConsoleInputA
ChangeTimerQueueTimer
GetConsoleMode
SetConsoleCtrlHandler
SetFilePointerEx
SetStdHandle
CreateTimerQueue
VirtualQuery
VirtualAlloc
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
FindFirstFileExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
LCMapStringW
GetStringTypeW
TryEnterCriticalSection
GetExitCodeThread
OutputDebugStringW
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
VirtualFree
InterlockedPopEntrySList
QueryDepthSList
SignalObjectAndWait
SwitchToThread
GetThreadPriority
GetLogicalProcessorInformation
HeapQueryInformation
CreateTimerQueueTimer
UnregisterWaitEx
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetSystemTime
GlobalMemoryStatus
FlushConsoleInputBuffer
PeekNamedPipe
GetStdHandle
GetFileType
GetEnvironmentVariableA
CompareFileTime
GetSystemTimeAsFileTime
MoveFileExW
QueryPerformanceCounter
QueryPerformanceFrequency
SleepEx
GetUserDefaultLCID
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetTempPathW
GetTempFileNameW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
WaitForMultipleObjects
ReleaseMutex
ReleaseSemaphore
GlobalReAlloc
GetFileSize
GetFileAttributesW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
VerifyVersionInfoW
VerSetConditionMask
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
SetLastError
CopyFileW
GlobalSize
GetCurrentProcessId
ResetEvent
SetEvent
GlobalAlloc
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateEventW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
WriteFile
CreateFileW
FreeLibrary
LoadLibraryW
GetSystemInfo
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
lstrcpyW
InterlockedIncrement
InterlockedDecrement
FindFirstFileW
RemoveDirectoryW
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetDiskFreeSpaceExW
GetModuleFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
LocalFree
FormatMessageW
WaitForSingleObject
GetCurrentThread
SetThreadPriority
GetCurrentProcess
SetPriorityClass
OpenProcess
GetModuleHandleW
GetProcAddress
GetLocalTime
ResumeThread
SuspendThread
GetTickCount
Sleep
lstrcmpiW
lstrlenW
FreeResource
GetCPInfo
GetVersionExW
GetVersion
MultiByteToWideChar
WideCharToMultiByte
GetDriveTypeW
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
GetLastError
CreateMutexW

user32

OpenClipboard
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetTimer
KillTimer
CharUpperW
RealChildWindowFromPoint
WaitMessage
MapWindowPoints
CloseClipboard
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
LoadMenuW
EnumDisplayMonitors
GetMonitorInfoW
LoadCursorW
SetCapture
ReleaseCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
GetAsyncKeyState
GetSystemMenu
NotifyWinEvent
SetCursorPos
UnionRect
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
SetActiveWindow
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
SetClipboardData
EmptyClipboard
IntersectRect
CopyImage
GetKeyNameTextW
MapVirtualKeyW
EnableWindow
DestroyMenu
BringWindowToTop
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
RedrawWindow
GetFocus
IsWindowVisible
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageW
InvalidateRect
UpdateWindow
CopyRect
GetSysColor
FillRect
DrawEdge
SetRect
GetMenuItemInfoW
DrawTextW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
InsertMenuW
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
TabbedTextOutW
DrawTextExW
GrayStringW
DestroyCursor
GetWindowLongW
IsMenu
GetNextDlgTabItem
GetParent
SetCursor
ClientToScreen
WindowFromPoint
GetActiveWindow
GetWindowRect
InflateRect
DrawFocusRect
OffsetRect
DrawStateW
GetIconInfo
LoadImageW
FrameRect
GetCursorPos
SetForegroundWindow
FlashWindow
GetWindowDC
SetWindowRgn
SetWindowPos
UnregisterClassW
IsWindowEnabled
MessageBoxW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
BeginPaint
EndPaint
ScreenToClient
PostQuitMessage
SetWindowContextHelpId
GetWindow
MapDialogRect
RegisterWindowMessageW
DrawFrameControl
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
UpdateLayeredWindow
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
SubtractRect
CharUpperBuffW
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
HideCaret
InvertRect
GetWindowRgn
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
SetRectEmpty
IsRectEmpty

gdi32

SaveDC
SelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextCharacterExtra
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
RestoreDC
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetDIBColorTable
GetCharWidthW
StretchDIBits
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
CreateRectRgn
CreateDCW
CopyMetaFileW
CreatePatternBrush
StretchBlt
FrameRgn
CreateRoundRectRgn
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Rectangle
CreateHatchBrush
PatBlt
SetPixel
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateSolidBrush
CreatePen
GetBkMode
CreateFontIndirectW
GetTextExtentPoint32W
Ellipse
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetObjectW
GetTextMetricsW
ExtSelectClipRgn
GetPixel

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

CryptDecrypt
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
DeregisterEventSource
RegisterEventSourceA
ReportEventA
CryptAcquireContextA
CryptReleaseContext
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
RegOpenKeyExW
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey

shell32

SHGetDesktopFolder
SHGetMalloc
ShellExecuteW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
DragFinish

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent

shlwapi

StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

GetThemeSysColor
GetWindowTheme
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData

ole32

CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
OleTranslateAccelerator

oleaut32

SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
OleLoadPicture
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
OleCreateFontIndirect
VariantCopy

oledlg

OleUIBusyW

gdiplus

GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipFree

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertOpenSystemStoreW
CertOpenStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

ws2_32

htons
getservbyname
gethostbyname
shutdown
gethostname
ioctlsocket
sendto
recvfrom
freeaddrinfo
getaddrinfo
listen
htonl
accept
select
__WSAFDIsSet
send
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSACleanup
WSAResetEvent
WSAWaitForMultipleEvents
closesocket
WSAGetLastError
recv
bind
connect
getpeername
getsockname
getsockopt
WSAEventSelect
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup

wldap32

ord46
ord219
ord145
ord26
ord27
ord127
ord14
ord142
ord79
ord133
ord147
ord301
ord208
ord41
ord117
ord167
ord216

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 743KB - Virtual size: 743KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12f4d7e948327f2f414867adecff36b1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

oleacc

imm32

crypt32

ws2_32

wldap32

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 743KB - Virtual size: 743KB

.data Size: 70KB - Virtual size: 108KB

.gfids Size: 111KB - Virtual size: 110KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 198KB - Virtual size: 198KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 743KB - Virtual size: 743KB

.data
Size: 70KB - Virtual size: 108KB

.gfids
Size: 111KB - Virtual size: 110KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 198KB - Virtual size: 198KB