938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598

Sharing

Copy URL Twitter E-mail

General

Target

938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598
Size

1.9MB
MD5

c318036044f10d288cedac36d81a611b
SHA1

442245535cd0c4876f784a28fdbf6a32bb70e220
SHA256

938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598
SHA512

6043678915f0893b3fbca5633dc1effe2e27d0f25eb1da413b14b93aa4204334b8792fee3e67bbfc905cc0130748afbec6fc6aaf834fe7c168a430bd06d769da
SSDEEP

24576:MDXpgvsPjx71gWufN62I520/hjlB6iTzKF+iZpWWt5YY7tOvkIOTUQvb7Mhh21:MDevYxSNudSrZpWKd7tOvJOpb7K81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598

Files

938b7e042bda75e416261e46d0d4873781fd5d53c2ce6c2748b92eeb8a826598
.exe windows:5 windows x86 arch:x86

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\winapps\5.0\Build\QuickSearch\Release\QuickSearch.pdb

Imports

kernel32

GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetCommandLineW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetComputerNameW
SetFilePointer
ReadFile
GetCurrentProcessId
FreeLibrary
GetVersionExW
GetDiskFreeSpaceExW
GetVolumeInformationW
VerifyVersionInfoW
VerSetConditionMask
LocalFileTimeToFileTime
FindNextFileW
FindClose
FindFirstFileW
GetOverlappedResult
ReadDirectoryChangesW
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
CreateFileW
WriteFile
OutputDebugStringW
SetEvent
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GlobalFree
ResumeThread
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcpyW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateMutexW
GetPrivateProfileStringW
GetLogicalDrives
CloseHandle
GetLongPathNameW
WideCharToMultiByte
lstrlenA
InterlockedExchange
lstrlenW
GetTickCount
TerminateThread
WaitForSingleObject
MultiByteToWideChar
LoadLibraryW
GetFullPathNameA
GetLastError
SetLastError
GetVersion
GetModuleFileNameW
Sleep
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileA
AreFileApisANSI
GetTempPathA
DeleteFileW
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetProcessHeap
UnlockFileEx
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameW
ExpandEnvironmentStringsW

user32

InvalidateRect
GetFocus
IsWindowVisible
GetWindowRect
IsWindow
SendMessageW
GetWindowRgnBox
EnumChildWindows
GetSysColorBrush
TrackPopupMenu
CallWindowProcW
DestroyMenu
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
InsertMenuW
CreateMenu
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuState
SetWindowTextW
InsertMenuItemW
DrawIconEx
GetSysColor
GetCursor
EnableWindow
SetWindowPos
SetActiveWindow
LoadAcceleratorsW
SetCapture
ReleaseCapture
ClientToScreen
FillRect
SetMenuDefaultItem
GetDlgCtrlID
TranslateAcceleratorW
GetMenuItemID
GetMenuItemCount
GetKeyState
IsZoomed
GetWindow
IsIconic
GetSystemMetrics
GetSubMenu
LoadMenuW
LoadIconW
RegisterClipboardFormatW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UnregisterHotKey
RegisterHotKey
SetPropW
EnumWindows
PostMessageW
GetPropW
wsprintfW
LoadImageW
DestroyIcon
DrawIcon
GetIconInfo
GrayStringW
DrawTextExW
TabbedTextOutW
MonitorFromPoint
GetMonitorInfoW
MonitorFromRect
SetForegroundWindow
GetLayeredWindowAttributes
PtInRect
GetForegroundWindow
SetRectEmpty
IsRectEmpty
OffsetRect
GetActiveWindow
FrameRect
GetWindowRgn
SetWindowRgn
SetLayeredWindowAttributes
SystemParametersInfoW
TrackMouseEvent
EqualRect
DrawTextW
LoadCursorW
SetCursor
GetParent
CopyRect
SetRect
ReleaseDC
GetDC
RedrawWindow
LoadBitmapW
AppendMenuW
CreatePopupMenu
ScreenToClient
GetCursorPos
GetClientRect
SetTimer
KillTimer
SetWindowLongW
GetWindowLongW

shell32

ord43
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
Shell_NotifyIconW
ord165
SHGetSpecialFolderLocation
CommandLineToArgvW
ord701
SHGetDesktopFolder
ord716
SHFileOperationW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

Exports

Exports

MatchMask

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 771KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8e837d2e90b52e232aba88021bc9c99

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1016KB - Virtual size: 1016KB

.rdata Size: 185KB - Virtual size: 188KB

.data Size: 15KB - Virtual size: 72KB

.rsrc Size: 771KB - Virtual size: 770KB

.text
Size: 1016KB - Virtual size: 1016KB

.rdata
Size: 185KB - Virtual size: 188KB

.data
Size: 15KB - Virtual size: 72KB

.rsrc
Size: 771KB - Virtual size: 770KB