D:\build\co\ti90Downloadcom\exe\vs\release\english\register\tibld.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2.exe
Resource: win10v2004-20240611-en
General
Target: 57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2
Size: 7.0MB
MD5: 2ceda7fc005a6a0e7e03b83964ce283f
SHA1: f8d5dfe6f84497d1b60d4969cdee3cfef438ddba
SHA256: 57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2
SHA512: 47bae34a29b0ad8ed9aa41ee6c4a73ad08a33417bfa14200d9d5aaf947ff9b0b2c3f0ec4d54923b54d945726122fbe2a5e1df0e0cd81f39ebc0ebe7b436b5552
SSDEEP: 98304:mFIyRa3zBqUjx85vOi6PSHuJ/X3FdgsGSHUwYxIDz6cvjUOMoQ83B1TH0ianpD:Xz8WEe/F9bRVOFv8vhw1
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2
Files
-
57178e5a85f82d2370cba748a935b68e4d0cd46403d751908a4763ff54e2f6e2.exe windows:4 windows x86 arch:x86
3d278f74bb4d385134e0bada9eae22cf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
GetUserNameW
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
GetUserNameA
SetFileSecurityW
GetSecurityDescriptorOwner
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CreateProcessAsUserW
OpenThreadToken
GetTokenInformation
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
AllocateAndInitializeSid
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptGetUserKey
CryptAcquireContextA
CryptImportKey
CryptSetKeyParam
CryptDecrypt
CryptDestroyKey
CryptReleaseContext
kernel32
GetTimeZoneInformation
ResetEvent
SetEvent
WaitForMultipleObjects
CreateEventA
FindCloseChangeNotification
FindNextChangeNotification
WriteFile
FlushFileBuffers
SetEndOfFile
LockFileEx
UnlockFileEx
SetProcessWorkingSetSize
GetProcessWorkingSetSize
DeviceIoControl
SetFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetModuleFileNameW
CompareStringW
FindFirstChangeNotificationW
SetLastError
GetVolumeInformationW
SetFileAttributesW
GetCompressedFileSizeW
MoveFileExW
GetDiskFreeSpaceW
GetModuleFileNameA
CompareStringA
FindFirstChangeNotificationA
SetFileAttributesA
WritePrivateProfileStringA
GetDiskFreeSpaceA
GetVolumeInformationA
EnumResourceLanguagesW
LockResource
LoadResource
FindResourceExW
GetSystemDefaultLangID
EnumResourceNamesW
BackupRead
BackupWrite
GetFileTime
CreateThread
ReleaseMutex
CreateMutexA
GetACP
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
ReleaseSemaphore
TerminateThread
SetThreadPriority
WriteConsoleW
GetStdHandle
InterlockedIncrement
InterlockedDecrement
GetThreadLocale
GetExitCodeProcess
GetCurrentThread
CreatePipe
GetExitCodeThread
QueryDosDeviceW
SetEnvironmentVariableA
VirtualAlloc
GetTempFileNameW
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
VirtualFree
LocalFree
FormatMessageW
GetEnvironmentVariableA
LoadLibraryExW
GetEnvironmentVariableW
SetEnvironmentVariableW
LocalAlloc
FormatMessageA
LoadLibraryExA
WriteConsoleA
GetConsoleOutputCP
lstrcmpiW
TerminateProcess
HeapFree
HeapAlloc
GetOEMCP
SetFileApisToANSI
GetCurrentDirectoryW
FindFirstFileW
FindNextFileW
LoadLibraryA
GetProcAddress
GetLocalTime
SystemTimeToFileTime
InterlockedExchange
GetCommandLineA
RtlUnwind
RaiseException
ExitProcess
HeapReAlloc
ExitThread
IsBadReadPtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapSize
SetUnhandledExceptionFilter
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLogicalDrives
FindClose
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
OpenProcess
GetCurrentProcess
DuplicateHandle
IsValidCodePage
GetStringTypeA
GetStringTypeW
IsBadWritePtr
VirtualQuery
LCMapStringA
LCMapStringW
GetDriveTypeW
IsBadCodePtr
VirtualProtect
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
GetFileInformationByHandle
Sleep
ReadFile
SetFilePointer
WideCharToMultiByte
SetCurrentDirectoryW
CreateFileW
GetLogicalDriveStringsW
GlobalAddAtomA
SetErrorMode
OpenFileMappingA
MulDiv
WaitForSingleObject
GlobalDeleteAtom
GetCurrentThreadId
GetTickCount
CloseHandle
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
lstrcpynA
GetModuleHandleA
GetVersionExA
GetLastError
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
GetStartupInfoA
CreateProcessA
ExpandEnvironmentStringsA
MultiByteToWideChar
OutputDebugStringA
GetFullPathNameA
MoveFileA
CopyFileA
DeleteFileA
GetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
GetShortPathNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetDriveTypeA
GetLogicalDriveStringsA
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
GetVersion
FreeLibrary
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetStartupInfoW
CreateProcessW
LoadLibraryW
ExpandEnvironmentStringsW
OutputDebugStringW
GetFullPathNameW
MoveFileW
CopyFileW
DeleteFileW
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetShortPathNameW
GetWindowsDirectoryW
GetTempPathW
GetSystemDirectoryW
user32
CharUpperBuffA
CharUpperBuffW
DrawIconEx
DrawFocusRect
GetIconInfo
DestroyCursor
CreateCursor
CountClipboardFormats
IsClipboardFormatAvailable
GetClipboardData
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardLayout
GetDesktopWindow
LoadIconA
LoadImageA
LoadCursorA
GetWindowThreadProcessId
IsWindow
GetUpdateRect
BeginPaint
EndPaint
GetMessageTime
MapVirtualKeyA
EnumClipboardFormats
GetMessageA
MsgWaitForMultipleObjects
MessageBeep
GetMessagePos
DestroyIcon
ChildWindowFromPoint
TranslateMessage
SetPropA
CreateWindowExA
ReleaseDC
GetDC
WindowFromPoint
GetPropA
GetParent
SetCapture
SetParent
ReleaseCapture
SetCursor
ScrollWindowEx
UpdateWindow
RedrawWindow
InvalidateRect
ClientToScreen
GetCursorPos
ScreenToClient
OpenClipboard
AppendMenuW
AppendMenuA
PostThreadMessageA
FindWindowA
SetForegroundWindow
ExitWindowsEx
CharUpperW
wsprintfW
ModifyMenuW
ModifyMenuA
GetSysColor
CreatePopupMenu
TrackPopupMenu
DestroyMenu
GetWindowDC
EmptyClipboard
SetClipboardData
CloseClipboard
GetClipboardOwner
RemovePropA
DestroyWindow
GetSystemMetrics
SetWindowPlacement
IsWindowEnabled
SetRect
AdjustWindowRectEx
SetWindowPos
IsZoomed
GetSystemMenu
RemoveMenu
EnableMenuItem
CreateIconIndirect
SetActiveWindow
ShowWindow
GetFocus
SetFocus
EnableWindow
DispatchMessageA
PeekMessageA
CreateDialogIndirectParamA
PostMessageA
SendNotifyMessageA
SendMessageA
SetWindowLongA
GetWindowLongA
DefWindowProcA
VkKeyScanExA
VkKeyScanA
WinHelpA
GetClipboardFormatNameA
SystemParametersInfoA
ToAscii
SetWindowTextA
RegisterClipboardFormatA
RegisterClassExA
WinHelpW
VkKeyScanExW
VkKeyScanW
SystemParametersInfoW
SetWindowTextW
GetClipboardFormatNameW
RegisterClipboardFormatW
DispatchMessageW
PeekMessageW
CreateDialogIndirectParamW
PostMessageW
SendNotifyMessageW
SendMessageW
SetWindowLongW
GetWindowLongW
DefWindowProcW
RegisterClassExW
GetWindowPlacement
gdi32
CreateRectRgn
GetRgnBox
CreateCompatibleBitmap
DeleteDC
SelectObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
SetDIBits
SetWindowOrgEx
BitBlt
SetTextColor
SetBkColor
GetObjectA
GetNearestColor
SetPolyFillMode
SetTextAlign
CreateBrushIndirect
ExtCreatePen
SelectClipRgn
GetPixel
SetPixel
TextOutW
SetBkMode
LineTo
MoveToEx
CreatePatternBrush
CreateSolidBrush
PatBlt
SetBrushOrgEx
SetROP2
OffsetClipRgn
ExcludeClipRect
ExtSelectClipRgn
GetClipRgn
GetPolyFillMode
GetBkColor
GetTextColor
GetStockObject
StrokePath
EndPath
BeginPath
Polyline
Rectangle
Arc
FillRgn
Pie
Polygon
GetWindowOrgEx
CreatePen
GetTextExtentPoint32W
CreatePalette
OffsetRgn
CombineRgn
CreateFontIndirectW
GetTextMetricsW
EnumFontFamiliesExW
CreateFontIndirectA
EnumFontFamiliesExA
GetTextMetricsA
GetClipBox
DeleteObject
GdiFlush
GetDeviceCaps
RealizePalette
SelectPalette
TranslateCharsetInfo
CreateBitmap
comctl32
ord17
_TrackMouseEvent
ImageList_GetIcon
shell32
SHGetMalloc
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteExW
SHFormatDrive
SHGetDesktopFolder
ShellExecuteA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteW
comdlg32
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
mpr
WNetAddConnection3W
WNetGetUniversalNameA
WNetAddConnection3A
WNetGetUniversalNameW
ole32
OleInitialize
CoUninitialize
CoInitialize
CoCreateInstance
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
setupapi
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 428KB - Virtual size: 424KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 288KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ