81ce53476f4c9b540638bae58e8c4cf32e303474b2282ab3458d35582e6a7b03

Sharing

Copy URL Twitter E-mail

General

Target

81ce53476f4c9b540638bae58e8c4cf32e303474b2282ab3458d35582e6a7b03
Size

4.9MB
MD5

aacde5fb7437f2ba0dfdb97404685d63
SHA1

b62ce6a37199b220323afc7bc6789af2c85393ea
SHA256

81ce53476f4c9b540638bae58e8c4cf32e303474b2282ab3458d35582e6a7b03
SHA512

a74d0a53b47aab1e3d383621777a57f284d54afa1113053d7826f0c0c81072940175126d10fd985a3c563f1fc14fb1e5fb5b452bcc60083d776a799bffc88d96
SSDEEP

98304:IEsEcyJ6L37eC2wOhZsdq0RABUezUsdrawCv51aO0VwNHcFr5B04t+:IELcbmwODJeArosdJO8l75Bnt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81ce53476f4c9b540638bae58e8c4cf32e303474b2282ab3458d35582e6a7b03

Files

81ce53476f4c9b540638bae58e8c4cf32e303474b2282ab3458d35582e6a7b03
.exe windows:4 windows x86 arch:x86

f6b4be107c9e79b71d4b7fa8ebb315ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\digi\BeeComb070509\Release\NEC_液晶デモ用WXGA\NEC_液晶デモ用WXGA.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

lstrlenW
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
GetCurrentThreadId
IsDBCSLeadByte
SetLastError
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GetCommandLineA
Sleep
GetProcAddress
GetTickCount
GetSystemPowerStatus
UnhandledExceptionFilter
GetVersionExA
ExitProcess
GetStartupInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetFileType
GetFileAttributesA
GetCurrentProcessId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
GetStdHandle
HeapCreate
HeapDestroy
HeapReAlloc
DeleteFileA
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
GetModuleFileNameA
GetLongPathNameA
LoadLibraryA
FindResourceA
SizeofResource
LoadResource
LockResource
CreateFileA
WriteFile
CloseHandle
GetLastError
FormatMessageA
LocalFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
MultiByteToWideChar
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

GetClassInfoExA
SendMessageA
GetWindowLongA
LoadCursorA
UnregisterClassA
SetWindowTextA
KillTimer
CharNextA
SetWindowLongA
MessageBoxA
LoadIconA
GetSystemMetrics
FindWindowA
SetForegroundWindow
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
PeekMessageA
DialogBoxParamA
PostMessageA
SetCursor
GetCursorPos
SystemParametersInfoA
ValidateRect
EndDialog
PostQuitMessage
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
DestroyWindow
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
CreateWindowExA
RegisterClassExA
DefWindowProcA

gdi32

GetClipBox
GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
StringFromCLSID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree

oleaut32

GetErrorInfo
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VarUI4FromStr

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6b4be107c9e79b71d4b7fa8ebb315ab

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4.7MB - Virtual size: 4.7MB