46b615f2b4e4c96ca2545a206103f5feadf001fe8e504cb73d13cb29492d4319

Sharing

Copy URL Twitter E-mail

General

Target

46b615f2b4e4c96ca2545a206103f5feadf001fe8e504cb73d13cb29492d4319
Size

5.9MB
MD5

3c3f7431ea813be8ffa8bba49c2110ef
SHA1

7a7e9f99e20ba7a47fd5e1e2920edaa729541536
SHA256

46b615f2b4e4c96ca2545a206103f5feadf001fe8e504cb73d13cb29492d4319
SHA512

28f3f5b0f7ed6509f7a4efc990c208329543e74e1ece2e797263d4cc45662b7af003824f4749c6c637870734943bac4a8378dc82802153d8a36fa22cd3b94cc0
SSDEEP

98304:s9oKjczlPrUQbhQk0oEtpri54MHdJzT4RJr6jVAjVUlgvg+1gOgSAi4:s9APrUQGkPIpeZdtWcyI+Kb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46b615f2b4e4c96ca2545a206103f5feadf001fe8e504cb73d13cb29492d4319

Files

46b615f2b4e4c96ca2545a206103f5feadf001fe8e504cb73d13cb29492d4319
.exe windows:6 windows x86 arch:x86

fd915b08e5ec95a1f42994e0f5daeb07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\WorkCode\diagnosistool\Release\DiagnosisTool.pdb

Imports

rpcrt4

UuidToStringW
RpcStringFreeW

user32

CreateWindowExW
BringWindowToTop
PeekMessageW
SendMessageW
DefWindowProcW
UnregisterClassW
DestroyWindow
DispatchMessageW
MsgWaitForMultipleObjects
SetTimer
DdeFreeDataHandle
ShowCursor
AdjustWindowRectEx
IsClipboardFormatAvailable
wsprintfW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetClipboardFormatNameW
RegisterClipboardFormatW
CheckMenuRadioItem
GetSysColorBrush
GetMenuItemID
CheckMenuItem
DrawFrameControl
DrawEdge
FindWindowExW
ChildWindowFromPoint
GetComboBoxInfo
EndPaint
BeginPaint
GetWindowDC
SetMenuItemInfoW
InsertMenuItemW
SetMenuInfo
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetSubMenu
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenuState
ValidateRgn
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetCaretBlinkTime
GetDoubleClickTime
DrawIconEx
ValidateRect
GetMessageW
GetClassNameW
MessageBeep
GetWindowTextW
GetDesktopWindow
UnionRect
DestroyCursor
CopyRect
SetRectEmpty
SetRect
DrawStateW
CreateIconIndirect
DrawFocusRect
DrawTextW
HideCaret
GetWindowTextLengthW
keybd_event
IsMenu
SetWindowRgn
IsRectEmpty
OffsetRect
GetClassInfoW
DestroyIcon
GetDlgItem
CreateDialogParamW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
PostMessageW
SetWindowsHookExW
GetWindow
SetParent
GetParent
PtInRect
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
MapWindowPoints
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetKeyState
GetProcessDefaultLayout
LoadBitmapW
LoadIconW
LoadImageW
GetIconInfo
ShowWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
KillTimer
SetCursor
LoadCursorW
DdeInitializeW
DdeUninitialize
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
GetClientRect
EnableScrollBar
PostThreadMessageW
RegisterClassW
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
ScrollWindow
RedrawWindow
InvalidateRect
MessageBoxW
GetUpdateRgn
ReleaseDC
GetDC
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
GetSystemMetrics
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
AnimateWindow
IsWindow
CallWindowProcW
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
TranslateMessage
GetWindowRect
SetMenu
RegisterWindowMessageW
SetWindowLongW
GetWindowLongW
SetWindowTextW
SetForegroundWindow
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
IsIconic
UnhookWindowsHookEx

gdi32

EndDoc
StartDocW
SetAbortProc
EnumFontFamiliesExW
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetSystemPaletteEntries
CreateDCW
GetTextExtentExPointW
GetCharABCWidthsW
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
EndPage
CreateDIBitmap
CreateRectRgnIndirect
RectInRegion
PtInRegion
GetRgnBox
EqualRgn
CombineRgn
CreateHatchBrush
ExtCreatePen
CreatePen
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetROP2
StretchDIBits
SetPolyFillMode
SetPixel
StartPage
GetDIBits
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetStockObject
GetPixel
GetObjectType
GetClipBox
Ellipse
Arc
ExtTextOutW
MoveToEx
LineTo
GetBkColor
SetStretchBltMode
StretchBlt
GetTextExtentPoint32W
CreateICW
GetWindowExtEx
GetViewportExtEx
GetGraphicsMode
CreateBitmapIndirect
CreateBitmap
BitBlt
SetTextColor
SetBkMode
SetBkColor
OffsetRgn
GetRegionData
ExtCreateRegion
ExtFloodFill
DeleteDC
CreateSolidBrush
CreatePatternBrush
CreateCompatibleDC
CreateCompatibleBitmap
GetOutlineTextMetricsW
CreateFontIndirectW
GdiFlush
SetBrushOrgEx
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExcludeClipRect
CreateRectRgn
GetObjectW
DeleteObject
GetTextMetricsW

comdlg32

PageSetupDlgW
PrintDlgW
ChooseFontW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter
DocumentPropertiesW

ole32

CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReleaseStgMedium
OleSetClipboard
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard

shell32

ord6
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
ExtractIconW
SHGetFolderPathW
CommandLineToArgvW
DragQueryPoint

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
GetUserNameW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW

comctl32

ord17
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ord16
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_GetImageInfo
ImageList_Copy

kernel32

GetNativeSystemInfo
GetVersionExW
TerminateProcess
GetCurrentProcessId
IsDebuggerPresent
GetEnvironmentVariableW
GetSystemTimeAsFileTime
OutputDebugStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
GetExitCodeThread
TerminateThread
SetThreadPriority
GetCurrentThreadId
ExitProcess
Sleep
FindClose
DeleteCriticalSection
LeaveCriticalSection
FindFirstFileW
GetFileAttributesW
GetLongPathNameW
GetACP
HeapSize
GetLocaleInfoW
SetCurrentDirectoryW
GetFileType
CopyFileW
FindNextFileW
GetCommandLineW
ReadFile
WriteFile
SetEvent
CreateEventW
WaitForMultipleObjects
CreateThread
IsBadReadPtr
IsBadStringPtrA
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
GetStdHandle
FreeConsole
GetCPInfo
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
ReadConsoleOutputCharacterA
MulDiv
SetLastError
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalSize
GlobalHandle
IsValidCodePage
GetLogicalDriveStringsW
QueryPerformanceFrequency
GetStringTypeW
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
SetStdHandle
GetDriveTypeW
GetFullPathNameW
MoveFileExW
DeleteFileW
FlushFileBuffers
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
HeapAlloc
HeapFree
GetFileSizeEx
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
SetEnvironmentVariableW
SetEndOfFile
AttachConsole
GetOEMCP
GetCurrentDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FindFirstFileExW
GetCommandLineA
GetProcessHeap
EnterCriticalSection
InitializeCriticalSection
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetLastError
SetErrorMode
LoadLibraryExW
LocalFree
FormatMessageW
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemTime
GetLocalTime
GetTempFileNameW
GetModuleHandleW
CreateProcessW
FindResourceW
LoadResource
LockResource
GetTempPathW
GetModuleFileNameW
SizeofResource
IsWow64Process
GetCurrentProcess
GetSystemWindowsDirectoryW
CloseHandle
CreateFileW
DeviceIoControl
GetVolumeInformationW
WaitForSingleObject
GetCurrentThread

oleacc

LresultFromObject

uxtheme

GetThemeSysColor
GetThemeInt
GetThemePartSize
IsAppThemed
IsThemeActive
GetThemeFont
GetThemeMargins
GetCurrentThemeName
GetThemeSysFont
GetThemeBackgroundExtent
DrawThemeParentBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundContentRect
DrawThemeBackground
CloseThemeData
OpenThemeData
SetWindowTheme
IsThemePartDefined

ws2_32

__WSAFDIsSet
htons
select
WSAStartup
socket
recvfrom
sendto
closesocket
bind
WSAIoctl
ntohs
WSAGetLastError

ntdll

RtlIpv6StringToAddressExA
RtlIpv6StringToAddressA
RtlIpv4StringToAddressA
RtlIpv4AddressToStringExA
RtlIpv4StringToAddressExA
RtlIpv6AddressToStringExA
RtlIpv4StringToAddressW

iphlpapi

IcmpCloseHandle
IcmpSendEcho
IcmpCreateFile

crypt32

CryptBinaryToStringW

shlwapi

SHAutoComplete
AssocQueryStringW

msimg32

GradientFill
AlphaBlend

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd915b08e5ec95a1f42994e0f5daeb07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

user32

gdi32

comdlg32

winspool.drv

ole32

shell32

advapi32

comctl32

kernel32

oleacc

uxtheme

ws2_32

ntdll

iphlpapi

crypt32

shlwapi

msimg32

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 53KB - Virtual size: 231KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 274KB - Virtual size: 273KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 53KB - Virtual size: 231KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 274KB - Virtual size: 273KB