E:\VS2010\XSCrossPlatformSigTool\Release\XSCrossPlatformSigTool.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7.exe
Resource: win10v2004-20240226-en
General
Target: 80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7
Size: 2.0MB
MD5: 3bd8dccb83254e273dd4341df3c82470
SHA1: f318b53c2d26b9fc8096a2b2070d28516ebb818c
SHA256: 80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7
SHA512: 10fab8ccb7a4c1a27005541219483baf8117f80b73a7a8dfcd9297bbddc063fe166b7dbd1fbd738a8d22fdb5bfc6215f5cd926028469972a8c31f88528c5c137
SSDEEP: 49152:dx762aQj8sndDeoTH5rDRRhEb6xvrL25XOa3YbLrE6jjR76B9t6hcfnaxb:q2aQj8iDeE5RRebYrq5+a3Ybc663t6hK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7
Files
80f24653d03c18e9b7cdca3a3e44da0ec506fb56c06bd4483c454170d175d9c7.exe windows:5 windows x86 arch:x86
909b5931e7362ef96d7cf041e3dd9831
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEnvironmentVariableA
GetDriveTypeW
WriteConsoleW
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
HeapReAlloc
RaiseException
RtlUnwind
ExitProcess
CreateThread
ExitThread
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
HeapFree
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
GetSystemDirectoryW
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
FindNextFileW
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
ReleaseActCtx
CreateActCtxW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
lstrlenA
lstrcmpA
GlobalSize
LocalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
CompareStringW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
SetLastError
GetThreadLocale
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
DeleteFileA
GetModuleFileNameW
GetCommandLineW
lstrcatW
GetExitCodeProcess
GetCurrentProcess
TerminateProcess
lstrcmpW
WriteFile
WaitForSingleObject
FreeResource
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CloseHandle
FormatMessageW
GetACP
DeleteFileW
GetTempFileNameW
lstrlenW
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
CopyFileW
OutputDebugStringA
OutputDebugStringW
GetTempPathW
FindResourceW
LoadResource
LockResource
SizeofResource
GetTempPathA
GetTempFileNameA
GetLastError
MultiByteToWideChar
FreeLibrary
WideCharToMultiByte
GetProcAddress
LoadLibraryA
GetPrivateProfileStringW
user32
GetSystemMenu
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorW
GetSysColorBrush
CopyImage
RealChildWindowFromPoint
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ReleaseCapture
SetCapture
InvalidateRgn
IntersectRect
CopyAcceleratorTableW
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CharUpperW
GetSystemMetrics
GetCursorPos
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
LoadMenuW
DrawStateW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetWindowRgn
SetPropW
DestroyAcceleratorTable
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
SetClassLongW
DrawIconEx
DrawEdge
GetScrollRange
SetScrollPos
DrawFrameControl
DrawFocusRect
EnableWindow
SendMessageW
MessageBoxW
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
GetClientRect
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetTimer
KillTimer
WindowFromPoint
MessageBeep
NotifyWinEvent
GetAsyncKeyState
IsZoomed
IsIconic
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
SetWindowLongW
IsWindow
GetDlgItem
GetParent
OffsetRect
PtInRect
GetDlgCtrlID
GetWindow
CharNextW
GetDesktopWindow
LoadIconW
GetMenuDefaultItem
UnregisterClassW
WaitMessage
GetNextDlgGroupItem
DestroyIcon
RegisterClipboardFormatW
GetClassNameW
SetParent
SetRect
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
GetDC
ReleaseDC
FillRect
InvalidateRect
GetSysColor
CopyRect
IsRectEmpty
GetWindowLongW
SetWindowPos
LoadAcceleratorsW
CreateAcceleratorTableW
GetWindowRgn
DrawIcon
DestroyCursor
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
PostThreadMessageW
CharUpperBuffW
CopyIcon
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LoadImageW
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
GetPropW
SetCursorPos
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectW
GetTextExtentPoint32W
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
OffsetRgn
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CopyMetaFileW
GetTextColor
GetBkColor
SetTextColor
SetBkColor
CreateBitmap
RealizePalette
SelectPalette
GetStockObject
CreateDCW
StretchBlt
CreateCompatibleBitmap
CreateSolidBrush
TextOutW
SetBkMode
BitBlt
GetDeviceCaps
CreateDIBSection
GetObjectW
SetDIBColorTable
SelectObject
DeleteDC
PatBlt
CreateCompatibleDC
DeleteObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueW
RegQueryValueExW
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCloseKey
RegSetValueExW
RegCreateKeyExW
CryptDeriveKey
CryptDecrypt
CryptDestroyKey
CryptAcquireContextA
CryptGetProvParam
CryptGetUserKey
CryptSetProvParam
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
shell32
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
DragQueryFileW
DragFinish
SHAppBarMessage
ShellExecuteExW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathRemoveFileSpecW
ole32
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
CoInitialize
CoUninitialize
OleUninitialize
CoTaskMemAlloc
ReleaseStgMedium
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid
oleaut32
VariantClear
VariantChangeType
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VarBstrFromDate
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDrawImageRectRectI
GdipGraphicsClear
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdiplusStartup
GdipLoadImageFromFile
crypt32
CertCreateCertificateContext
CertOpenSystemStoreW
CertEnumCertificatesInStore
CertCompareCertificate
CryptAcquireCertificatePrivateKey
CryptSignMessageWithKey
CertNameToStrA
CryptVerifyMessageSignatureWithKey
xscodetool
XSVerifyAboutLicence
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
wininet
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
InternetQueryDataAvailable
HttpOpenRequestW
InternetOpenUrlW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 332KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ