5b9c8ddc26fee173e69603278b0893614c43c609c29fd22815025d67cf46dc49

Sharing

Copy URL Twitter E-mail

General

Target

5b9c8ddc26fee173e69603278b0893614c43c609c29fd22815025d67cf46dc49
Size

1.4MB
MD5

d28a7aea293c85f0feae834f47a6ea95
SHA1

7f816c61bdd8539c7d5a24b357fdfe2a379079e6
SHA256

5b9c8ddc26fee173e69603278b0893614c43c609c29fd22815025d67cf46dc49
SHA512

700a5d28b564b3e78a1f3716bc94cda41adb8c7edfbe6f6095567fbd195f9cf7fb41ffe1e05fcc683de78fc50272926283e86116f0be831aad05c1ac12292a9c
SSDEEP

24576:KpChWr+qRqHaQ3JafN8mNRnwG9quI/mJey/R6H8C6q//E0XtiF:eSW8mYG9qHy/Rs/D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9c8ddc26fee173e69603278b0893614c43c609c29fd22815025d67cf46dc49

Files

5b9c8ddc26fee173e69603278b0893614c43c609c29fd22815025d67cf46dc49
.exe windows:6 windows x86 arch:x86

de50b0f5f0fb8c6da794d545ca6c408b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\stylelink-windows\Client\ReleaseStaticRuntime\StyleLinkCartApplication.pdb

Imports

shell32

Shell_NotifyIconA
SHGetDesktopFolder
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHAppBarMessage

comctl32

InitCommonControlsEx
ord17

gdiplus

GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipCloneImage
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImageHorizontalResolution
GdipGetDpiY
GdipScaleWorldTransform
GdipGetImageVerticalResolution
GdipFree
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipGetDpiX

kernel32

SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
HeapFree
HeapAlloc
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RaiseException
RtlUnwind
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
DeleteCriticalSection
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetModuleHandleW
QueryPerformanceFrequency
QueryPerformanceCounter
LCMapStringEx
DecodePointer
EncodePointer
GetCurrentThreadId
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
AreFileApisANSI
SetFilePointerEx
SetEndOfFile
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
OpenProcess
lstrcmpiA
GetComputerNameA
MultiByteToWideChar
ExpandEnvironmentStringsA
OpenSemaphoreA
FreeLibrary
GetWindowsDirectoryA
LoadLibraryA
LoadLibraryExA
MulDiv
CloseHandle
GetCurrentThread
Sleep
ReleaseMutex
CreateFileA
CreateMutexA
GlobalUnlock
GlobalLock
LoadResource
GlobalFree
lstrcpyA
GlobalAlloc
LockResource
GetLastError
SetCurrentDirectoryA
lstrcatA
GetCurrentDirectoryA
lstrlenA
FindResourceA
SizeofResource
GetModuleFileNameA
GetProcAddress
GetVersionExA
ReadFileEx
GetModuleHandleA
WaitForSingleObject
HeapSize
WriteConsoleW
GetLocaleInfoA
GetTimeZoneInformation
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
WriteFile
ReadFile
FormatMessageA
LocalFree
GetCurrentProcess
CreateEventA
SetEvent
ResetEvent
CreateThread
WriteFileEx
WaitForMultipleObjectsEx

user32

SetWindowPos
GetWindowRect
MoveWindow
SetDlgItemTextA
GetWindow
GetWindowThreadProcessId
FindWindowExA
MapWindowPoints
GetIconInfo
CreateIconIndirect
InflateRect
SetWindowRgn
GetClassNameA
WindowFromPoint
IsWindow
OffsetRect
SetTimer
GetDlgCtrlID
IsWindowEnabled
RegisterClassA
DefWindowProcA
GetClassInfoA
KillTimer
PtInRect
ChildWindowFromPoint
SetFocus
SendDlgItemMessageA
SwitchToThisWindow
GetWindowTextA
GetParent
CopyIcon
DestroyCursor
SetCursor
MonitorFromRect
ScreenToClient
GetSystemMetrics
SetMenuItemInfoA
ClientToScreen
GetMonitorInfoA
LockWindowUpdate
BringWindowToTop
SetCapture
LoadIconA
SystemParametersInfoA
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
LoadCursorA
EnumChildWindows
EndDialog
DialogBoxParamA
SetMenu
ModifyMenuA
SetClassLongA
IsIconic
EnableWindow
LoadImageA
DestroyIcon
DrawIconEx
GetMessageA
DispatchMessageA
DestroyWindow
LoadStringA
ShowWindow
TranslateAcceleratorA
IsDialogMessageA
SetWindowLongA
CallWindowProcA
LoadAcceleratorsA
GetWindowLongA
SetWindowTextA
TranslateMessage
CreateDialogParamA
MapDialogRect
PostQuitMessage
EnableMenuItem
FindWindowA
UpdateWindow
GetSystemMenu
LoadMenuA
GetMenu
IsWindowVisible
GetMenuItemCount
PostMessageA
FillRect
TrackPopupMenu
GetSubMenu
RedrawWindow
DrawTextA
MessageBoxA
GetSysColor
DestroyMenu
CreateWindowExA
SendMessageA
GetClientRect
GetDlgItem
GetMenuItemInfoA
InsertMenuItemA
SetForegroundWindow
GetCursorPos
MessageBeep

gdi32

StretchBlt
CreateBitmap
CreateCompatibleBitmap
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
OffsetRgn
CreateRectRgn
SelectClipRgn
CombineRgn
FillRgn
Rectangle
GetTextExtentPoint32A
TextOutA
SetTextJustification
GetTextMetricsA
CreateFontA
GetDeviceCaps
LineTo
MoveToEx
GetObjectA
CreatePen
CreateSolidBrush
BitBlt
CreateDIBSection
CreateCompatibleDC
DeleteDC
SelectObject
CreateBrushIndirect
GetStockObject
SetTextColor
CreateFontIndirectA
SetBkColor
DeleteObject
GetCharWidthA
SetBkMode

comdlg32

GetSaveFileNameA

advapi32

RegSetValueExA
RegQueryValueExA
CloseServiceHandle
OpenSCManagerA
ControlService
OpenServiceA
CryptAcquireContextA
CryptReleaseContext
RegDeleteValueA
RegisterEventSourceA
RegCloseKey
RegCreateKeyExA
CryptCreateHash
CryptHashData
ReportEventA
CryptDestroyHash
RegOpenKeyExA
CryptGetHashParam
DeregisterEventSource

ole32

CreateStreamOnHGlobal

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 797KB - Virtual size: 797KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de50b0f5f0fb8c6da794d545ca6c408b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

comctl32

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

ole32

version

Sections

.text Size: 547KB - Virtual size: 546KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 17KB - Virtual size: 97KB

.rsrc Size: 797KB - Virtual size: 797KB

.text
Size: 547KB - Virtual size: 546KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 17KB - Virtual size: 97KB

.rsrc
Size: 797KB - Virtual size: 797KB