c4712d2d529c4a3f0aae4163fe13b0561a783ea0b7d11c32bca101ab38a81eca

Sharing

Copy URL

Twitter E-mail

General

Target

c4712d2d529c4a3f0aae4163fe13b0561a783ea0b7d11c32bca101ab38a81eca
Size

2.0MB
MD5

fcfcb2dd6e7dfd4338412b7c5a6f5891
SHA1

3e6b25ffa8bcfb4a6efeeadd8b0795d5fcf44609
SHA256

c4712d2d529c4a3f0aae4163fe13b0561a783ea0b7d11c32bca101ab38a81eca
SHA512

827287041df76c17aa2d587a196fb000e284c6182baef22725a347062ab9991795d927bc7302ac97d7989637891da0dda51e9035f54ce92da956485037827876
SSDEEP

49152:qVlXzvVUojsTu2syrDAR2IO5VWxxS01/pel8sDzrqd5v:q3D9Xjmu29nAR2P5VWxxS01cl8sDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4712d2d529c4a3f0aae4163fe13b0561a783ea0b7d11c32bca101ab38a81eca

Files

c4712d2d529c4a3f0aae4163fe13b0561a783ea0b7d11c32bca101ab38a81eca
.exe windows:6 windows x86 arch:x86

723cb1af776043d4224c782a00ae3105

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Promotic\Build\PmRtManager\Release\Win32\PmRtManager.pdb

Imports

httpapi

HttpReceiveHttpRequest
HttpRemoveUrl
HttpAddUrl
HttpCreateHttpHandle
HttpFlushResponseCache
HttpInitialize
HttpSendResponseEntityBody
HttpSendHttpResponse
HttpReceiveRequestEntityBody
HttpTerminate

kernel32

SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
LCMapStringW
WriteConsoleW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
OutputDebugStringW
GetStringTypeW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
lstrcmpW
GlobalFlags
FreeLibrary
GlobalHandle
CreateFileW
GetFileSize
ReadFile
SetFilePointer
CloseHandle
HeapAlloc
HeapFree
GetProcessHeap
ResetEvent
CreateEventW
GetLocalTime
LoadResource
LockResource
SizeofResource
FindResourceW
GetTimeZoneInformation
MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
DeleteFileW
GetFileTime
GetFullPathNameW
WriteFile
GetLastError
WaitForSingleObject
Sleep
GetCurrentProcess
TerminateProcess
InitializeSListHead
lstrcmpiW
CreateThread
CreateProcessW
GetTickCount
GetTickCount64
GetModuleFileNameW
GetModuleHandleW
lstrcpynW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeConsole
DecodePointer
RaiseException
HeapReAlloc
HeapSize
DeleteCriticalSection
SetLastError
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetProcAddress
LoadLibraryW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
LoadLibraryA
LocalAlloc
LocalReAlloc
GetCurrentProcessId
CompareStringW
lstrcmpA
GlobalGetAtomNameW
FileTimeToSystemTime
GetCurrentThreadId
SetThreadPriority
ResumeThread
GlobalAddAtomW
FindClose
FindFirstFileW
FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
LoadLibraryExW

user32

SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
CreateMenu
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
IntersectRect
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
GetWindowDC
EndPaint
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
PostQuitMessage
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetWindowRgn
DestroyCursor
BeginPaint
AppendMenuW
DestroyMenu
CreatePopupMenu
KillTimer
SetTimer
MsgWaitForMultipleObjects
GetDlgItemTextW
CreateDialogParamW
IsWindowVisible
SetWindowPos
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
SendMessageW
ExitWindowsEx
PeekMessageW
DispatchMessageW
HideCaret
FillRect
CopyRect
OffsetRect
GetDesktopWindow
GetParent
LoadIconW
DestroyIcon
IsDialogMessageW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
TrackPopupMenu
RemoveMenu
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetMessageW
TranslateMessage
GetActiveWindow
GetKeyState
ValidateRect
SetWindowsHookExW
CallNextHookEx
CharUpperW
GetDlgCtrlID
GetFocus
SetWindowTextW
ClientToScreen
PostMessageW
PtInRect
GetClassNameW
GetWindow
RealChildWindowFromPoint
SetFocus
SetScrollPos
GetScrollPos
MoveWindow
GetDlgItem
CheckDlgButton
SetWindowLongW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu

gdi32

SetTextColor
CreateBitmap
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW
TextOutW
SelectObject
SetBkColor
GetObjectW
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetStockObject

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
ChangeServiceConfig2W
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
RegisterServiceCtrlHandlerW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
OpenProcessToken
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
StartServiceW
StartServiceCtrlDispatcherW
SetServiceStatus

shell32

SHGetKnownFolderPath
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
Shell_NotifyIconW

shlwapi

PathFileExistsW
PathIsRootW
PathFindFileNameW
PathCombineW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW

uxtheme

GetThemePartSize
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsAppThemed
GetWindowTheme
GetThemeSysColor

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleLockRunning
CoInitialize

oleaut32

SysStringLen
LoadTypeLi
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
VariantInit
SystemTimeToVariantTime
SysFreeString
SysAllocStringLen
SysAllocString

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromScan0

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

723cb1af776043d4224c782a00ae3105

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

httpapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 310KB - Virtual size: 309KB

.data Size: 21KB - Virtual size: 47KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 131KB - Virtual size: 130KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 310KB - Virtual size: 309KB

.data
Size: 21KB - Virtual size: 47KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 131KB - Virtual size: 130KB