f6754d056bd689fb4cea19e4e4bb759d45741f2c39b37a9f6fa8f9189ca64023

Sharing

Copy URL Twitter E-mail

General

Target

f6754d056bd689fb4cea19e4e4bb759d45741f2c39b37a9f6fa8f9189ca64023
Size

9.4MB
MD5

dd0cd208ba2eff242ba5329ca40367cc
SHA1

ad82559d7e3a7f1fd387709df8c1fa2366e83f97
SHA256

f6754d056bd689fb4cea19e4e4bb759d45741f2c39b37a9f6fa8f9189ca64023
SHA512

1eff9d7a03e254c9c15b8a6647ff40027fa7f386e0f6af474944f71802992432bab75351205be00d2e75910dc7de86ac5977e8c3ea22f8bc230d1d4113cf4cd8
SSDEEP

98304:9UNWEEZPeHF9n72PohRFqC8Ve+2qcBaMKXOLyDCslKAg00ibS:9UNZEZPeHF9n7CohRFq3Edq4mKy0iO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6754d056bd689fb4cea19e4e4bb759d45741f2c39b37a9f6fa8f9189ca64023

Files

f6754d056bd689fb4cea19e4e4bb759d45741f2c39b37a9f6fa8f9189ca64023
.exe windows:6 windows x64 arch:x64

ff4812fb7cb5ba61863ac9c131fc7691

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\CI\j\workspace\core\vray_max_build\build\TOOLS\tools\lens_analyzer\lens_analyzer.pdb

Imports

kernel32

HeapFree
HeapReAlloc
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
SetEnvironmentVariableA
GetOEMCP
WriteConsoleW
FindFirstFileExA
GetCommandLineW
GetDriveTypeA
GetLogicalDriveStringsA
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
GetLastError
Sleep
GetTickCount
FindClose
FindFirstFileW
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryExW
LocalFree
FormatMessageA
CreateFileW
FlushFileBuffers
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
ReleaseSemaphore
CreateSemaphoreA
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetFullPathNameA
OutputDebugStringW
FormatMessageW
MoveFileExW
OutputDebugStringA
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
ResetEvent
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetThreadPriorityBoost
GetThreadPriority
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleA
GetProcessAffinityMask
SetThreadAffinityMask
GetActiveProcessorGroupCount
GetActiveProcessorCount
GetStdHandle
GetCommandLineA
GetCurrentProcessId
GetModuleHandleExW
GetConsoleScreenBufferInfo
SwitchToThread
GetCurrentDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
DebugBreak
CreateFileA
LocalAlloc
SetErrorMode
ReleaseMutex
CreateMutexA
ExitProcess
GetCurrentThreadId
GetExitCodeThread
ResumeThread
FindFirstFileA
GetFileAttributesA
GetFileTime
GetLongPathNameA
GetTempPathA
GetTempFileNameA
SetCurrentDirectoryA
GetFileType
CopyFileA
SetHandleInformation
CreatePipe
SetNamedPipeHandleState
PeekNamedPipe
GetExitCodeProcess
CreateThread
CreateProcessA
WaitForMultipleObjects
GetEnvironmentVariableA
IsDebuggerPresent
TerminateProcess
GetVersionExW
GetModuleFileNameA
IsValidCodePage
GetCPInfo
GetACP
GetLocaleInfoA
IsValidLocale
GetUserDefaultLCID
FindNextFileA
LoadLibraryA
IsBadReadPtr
IsBadStringPtrA
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
MulDiv
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ReadConsoleOutputCharacterA
FillConsoleOutputCharacterA
SetConsoleCursorPosition
FreeConsole
AttachConsole
WriteConsoleA
HeapSize
GetProcessHeap
GlobalSize
DuplicateHandle
WaitForSingleObjectEx
EncodePointer
DecodePointer
CreateEventW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
VirtualAlloc
VirtualProtect
VirtualFree
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
RtlPcToFileHeader
RtlUnwindEx
ExitThread
GetDriveTypeW
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetTimeZoneInformation
HeapAlloc

rpcrt4

UuidToStringA
RpcStringFreeA

shlwapi

AssocQueryStringA
SHAutoComplete

msimg32

AlphaBlend
GradientFill

advapi32

RegSetValueExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

comctl32

ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Add
ImageList_Destroy
ImageList_SetBkColor
ImageList_Create
ord17
ord16
ImageList_GetIconSize
ImageList_Copy
ImageList_GetImageCount
ImageList_Draw

comdlg32

PrintDlgA
ChooseFontA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PageSetupDlgA

gdi32

EnumFontFamiliesExA
GetSystemPaletteEntries
SetAbortProc
CreateDCA
StartDocA
EndDoc
StartPage
EndPage
CloseEnhMetaFile
CreateEnhMetaFileA
DeleteEnhMetaFile
GetEnhMetaFileA
GetEnhMetaFileHeader
PlayEnhMetaFile
SetBkColor
CreateBitmap
CreateSolidBrush
DeleteObject
SelectObject
SetBkMode
SetTextColor
GetObjectA
CreateFontIndirectA
GetDeviceCaps
GetOutlineTextMetricsA
GetTextMetricsA
CreateRectRgn
ExcludeClipRect
RealizePalette
SelectPalette
SetBrushOrgEx
GdiFlush
ExtCreateRegion
GetRegionData
OffsetRgn
GetCharABCWidthsA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
CreateICA
GetTextExtentPoint32A
CreatePatternBrush
ExtFloodFill
Arc
Ellipse
GetBkColor
GetClipBox
GetObjectType
GetPixel
GetStockObject
MaskBlt
Pie
PolyPolygon
Rectangle
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPixel
SetPolyFillMode
StretchBlt
StretchDIBits
SetROP2
SetStretchBltMode
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
ExtTextOutA
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateHatchBrush
ExtCreatePen
LineTo
MoveToEx
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
CreateDIBitmap
GetDIBits
CreateDIBSection
GetDIBColorTable
CombineRgn
EqualRgn
GetRgnBox
PtInRegion
RectInRegion
CreateRectRgnIndirect
GetTextExtentExPointA

ole32

CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
RevokeDragDrop
CoCreateInstance
OleSetClipboard
OleGetClipboard
OleFlushClipboard
CoLockObjectExternal
RegisterDragDrop
OleInitialize
OleIsCurrentClipboard
OleUninitialize

oleaut32

VarBstrFromCy
SysStringLen
SysFreeString

shell32

DragQueryPoint
DragFinish
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
DragQueryFileA
ExtractIconA
DragAcceptFiles
SHGetFileInfoA
ExtractIconExA
SHGetFolderPathA

user32

GetMessageA
ValidateRect
ValidateRgn
IsRectEmpty
RegisterClipboardFormatA
GetClipboardFormatNameA
IsClipboardFormatAvailable
wsprintfA
AdjustWindowRectEx
ShowCursor
TranslateMessage
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjectsEx
GetFocus
MessageBoxA
PostThreadMessageA
TranslateAcceleratorA
WaitForInputIdle
DefWindowProcA
UnregisterClassA
DestroyWindow
PostMessageA
RegisterClassA
CreateWindowExA
BringWindowToTop
DdeInitializeA
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleA
DdeQueryStringA
DdeFreeStringHandle
MsgWaitForMultipleObjects
SetTimer
KillTimer
SetCursor
LoadCursorA
GetKeyState
DrawTextA
GetDC
ReleaseDC
ScreenToClient
GetSysColor
DrawFocusRect
FillRect
PtInRect
GetWindowLongA
SetWindowLongA
GetParent
SetWindowPos
GetSystemMetrics
LoadBitmapA
LoadIconA
LoadImageA
GetIconInfo
RegisterHotKey
UnregisterHotKey
GetMessagePos
GetMessageTime
PostQuitMessage
CallWindowProcA
IsWindow
ShowWindow
AnimateWindow
MoveWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
SetFocus
SendMessageA
GetAsyncKeyState
VkKeyScanA
MapVirtualKeyA
GetCapture
SetCapture
ReleaseCapture
EnableWindow
IsWindowEnabled
GetMenuItemCount
TrackPopupMenu
GetMenuItemInfoA
UpdateWindow
GetUpdateRgn
InvalidateRect
RedrawWindow
ScrollWindow
EnableScrollBar
SetWindowTextA
GetClientRect
GetWindowRect
SetCursorPos
GetCursorPos
ClientToScreen
MapWindowPoints
WindowFromPoint
ChildWindowFromPointEx
InflateRect
GetWindowLongPtrA
SetWindowLongPtrA
SetParent
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
IsDialogMessageA
SetScrollInfo
GetScrollInfo
SystemParametersInfoA
CreateDialogParamA
GetDlgItem
SetWindowRgn
SetLayeredWindowAttributes
FlashWindowEx
GetWindowPlacement
IsIconic
IsZoomed
CreateDialogIndirectParamA
DrawMenuBar
GetSystemMenu
EnableMenuItem
SetForegroundWindow
GetDesktopWindow
CreateIconIndirect
DrawStateA
SetRectEmpty
CopyRect
OffsetRect
GetComboBoxInfo
keybd_event
GetWindowTextLengthA
HideCaret
ChildWindowFromPoint
GetClassInfoA
UnionRect
GetDialogBaseUnits
DrawFrameControl
DrawIconEx
RegisterWindowMessageA
SetMenu
DestroyCursor
DestroyIcon
GetProcessDefaultLayout
GetDoubleClickTime
DrawEdge
GetMenuState
CheckMenuItem
GetSubMenu
GetMenuItemID
SetMenuItemInfoA
GetSysColorBrush
SetRect
CheckMenuRadioItem
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuA
AppendMenuA
ModifyMenuA
RemoveMenu
SetMenuInfo
InsertMenuItemA
FindWindowExA
GetWindowTextA
MessageBeep
GetClassNameA
ChangeDisplaySettingsExA
EnumDisplaySettingsA
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoA
EnumDisplayMonitors
GetWindowDC
BeginPaint
EndPaint
CreateAcceleratorTableA
DestroyAcceleratorTable
GetActiveWindow

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 668KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff4812fb7cb5ba61863ac9c131fc7691

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

rpcrt4

shlwapi

msimg32

advapi32

comctl32

comdlg32

gdi32

ole32

oleaut32

shell32

user32

winspool.drv

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 1.4MB - Virtual size: 1.5MB

.pdata Size: 238KB - Virtual size: 237KB

_RDATA Size: 5KB - Virtual size: 4KB

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 668KB - Virtual size: 672KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 1.4MB - Virtual size: 1.5MB

.pdata
Size: 238KB - Virtual size: 237KB

_RDATA
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 668KB - Virtual size: 672KB