D:\Jenkins\WorkSpace\workspace\Win_PassFab for RAR\bin\RAR\SmartKey\Demo\SmartKey_pro\RarPasswordRecovery.pdb
Static task: static1

Behavioral task: behavioral1
Sample: 44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8.exe
Resource: win10v2004-20240802-en
General
Target: 44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8
Size: 3.3MB
MD5: 495e9ee82384abdeb3c306a74fea2928
SHA1: 27f1ec834e90ec80839cf11d9bb1ebec1bada6c0
SHA256: 44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8
SHA512: 645f3f05f86cebcdd20c39c9b8f0dd2b3a790f4fedb0dfe8c170b86d672ea47130b6e41f695666bc2f46190bdde376d25f18ddfb6cba71e5f221a90c8113b7e2
SSDEEP: 98304:LizQ2xfD3MJKNuB/MDTlHrKE5syV2VpTD527BWG:/2x7+BkfZOE5syV2VpTVQBWG
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8
Files
-
44a089ae62dec51214e0b2981a0d2cf995e87578781e40eb7510633be0be49a8.exe windows:6 windows x86 arch:x86
1e27c94cb2850fd00dbcdea4436e70e7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
softwarelog
CreateExportObj
DestroyExportObj
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
sqlite3
sqlite3_step
sqlite3_column_text
sqlite3_open
sqlite3_close
sqlite3_prepare
sqlite3_finalize
passwordcrackerwrap
?FreePasswordCrackObj@PasswordCrackWrap@@YAXW4tagWrapPasswordCrackType@1@PAVIPasswprdCrack@@@Z
?CrearPasswordCrackObj@PasswordCrackWrap@@YAPAVIPasswprdCrack@@W4tagWrapPasswordCrackType@1@@Z
libcurl
curl_easy_perform
curl_easy_getinfo
curl_easy_init
curl_global_init
curl_global_cleanup
curl_easy_pause
curl_easy_cleanup
curl_easy_setopt
bugsplat
??0MiniDmpSender@@QAE@PB_W000K@Z
?setCallback@MiniDmpSender@@QAEXP6A_NIPAX0@Z@Z
??1MiniDmpSender@@UAE@XZ
?sendAdditionalFile@MiniDmpSender@@QAEXPB_W@Z
?getMinidumpPath@MiniDmpSender@@QAEXPA_WI@Z
register
?GetRegisterObj@@YAPAVIRegisterManager@@XZ
securitylaunch
?FreeAntiCrackObj@@YAXPAVIAntiCrack@@@Z
?CreateAntiCrackObj@@YAPAVIAntiCrack@@XZ
agentsupport
?GetLinkManagerObj@TSCommon@@YAPAVILinkManager@1@XZ
kernel32
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetProfileIntW
SearchPathW
GetTempFileNameW
GetUserDefaultLCID
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetErrorMode
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
FindFirstFileExW
PeekNamedPipe
GetFileType
GetDriveTypeW
RtlUnwind
GetCPInfo
LCMapStringW
GetStringTypeW
SwitchToThread
FindResourceExW
InitializeSListHead
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToSystemTime
lstrcpyW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetPrivateProfileStringW
lstrcmpA
GetCurrentThread
GetThreadLocale
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFileSize
FlushFileBuffers
ResumeThread
SuspendThread
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
GetModuleHandleA
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
SetLastError
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
CopyFileW
FormatMessageW
GetFullPathNameW
CreateFileW
GetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GlobalUnlock
GlobalLock
ResetEvent
WritePrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameA
CreateDirectoryW
CreateMutexW
GetTickCount
DeleteFileW
Sleep
SetEvent
WaitForSingleObject
CreateThread
GlobalAlloc
CloseHandle
GlobalFree
CreateEventW
GetCurrentProcess
GetSystemDefaultLangID
GetNativeSystemInfo
LoadLibraryW
GetVersionExW
GetSystemInfo
OutputDebugStringW
FreeLibrary
GetModuleHandleW
GetTempPathW
GetModuleFileNameW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
LoadLibraryExW
GetProcessHeap
DeleteCriticalSection
GetProcAddress
SetCurrentDirectoryW
DecodePointer
GetCurrentDirectoryW
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
GetEnvironmentVariableW
HeapFree
GetCommandLineA
GetCommandLineW
SetStdHandle
HeapQueryInformation
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
GetStdHandle
ExitProcess
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetExitCodeProcess
CreateProcessA
CreateProcessW
SetFilePointerEx
ReadConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
SetEnvironmentVariableW
TerminateProcess
user32
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadMenuW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
RemoveMenu
InsertMenuW
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
DispatchMessageW
TranslateMessage
PeekMessageW
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ClientToScreen
SetActiveWindow
EnableMenuItem
AppendMenuW
CreatePopupMenu
DrawIcon
IsIconic
SetCursor
IntersectRect
GetKeyNameTextW
MapVirtualKeyW
CopyAcceleratorTableW
GetMessageW
InvalidateRgn
IsRectEmpty
GetNextDlgGroupItem
IsWindowVisible
IsWindow
GetCursorPos
SetLayeredWindowAttributes
ExitWindowsEx
KillTimer
GetWindowLongW
SetWindowLongW
SetTimer
LoadCursorW
GetMenuItemCount
SetWindowRgn
PtInRect
ScreenToClient
ReleaseDC
GetWindowTextW
GrayStringW
DrawTextExW
TabbedTextOutW
LoadImageW
WindowFromPoint
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
CharUpperW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
TrackMouseEvent
DrawTextW
GetSystemMetrics
InflateRect
DestroyIcon
IsClipboardFormatAvailable
MessageBeep
SetRect
WaitMessage
SetCapture
ReleaseCapture
DeleteMenu
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
UnregisterClassW
EnableWindow
LoadIconW
RedrawWindow
SendMessageW
GetParent
GetWindowRect
InvalidateRect
UpdateWindow
FillRect
CopyRect
DrawStateW
wsprintfW
PostMessageW
GetDC
GetClientRect
FrameRect
GetMenuDefaultItem
EnumDisplayMonitors
SetClassLongW
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
CharNextW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
gdi32
CreateBitmap
GetDeviceCaps
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
DeleteDC
GetClipBox
CreateDCW
CopyMetaFileW
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
ExcludeClipRect
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
Rectangle
OffsetRgn
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateRoundRectRgn
CreateDIBSection
SelectObject
RoundRect
DeleteObject
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StretchBlt
CreateFontW
GetTextMetricsW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetCurrentObject
GetObjectW
GetStockObject
SetViewportExtEx
CreateFontIndirectW
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
LookupPrivilegeValueW
RegQueryValueExW
RegCreateKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
RegOpenKeyExW
OpenProcessToken
RegCloseKey
RegSetValueExW
shell32
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteW
DragQueryFileW
DragFinish
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathIsDirectoryW
PathAppendA
PathFindExtensionW
PathAppendW
PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsUNCW
uxtheme
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemePartSize
IsAppThemed
OpenThemeData
DrawThemeText
DrawThemeParentBackground
GetThemeSysColor
CloseThemeData
DrawThemeBackground
GetThemeColor
ole32
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CreateStreamOnHGlobal
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitializeEx
StgOpenStorageOnILockBytes
oleaut32
VariantChangeType
SysAllocString
SysAllocStringLen
VariantInit
SysFreeString
VariantClear
LoadTypeLi
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSetInterpolationMode
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipCreateBitmapFromHBITMAP
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipGetImageThumbnail
GdipDrawImageRectI
GdipDrawImageRectRect
GdiplusStartup
GdipFillPath
GdipDrawPath
GdipSetSmoothingMode
GdipAddPathArc
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipImageGetFrameCount
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipLoadImageFromFile
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipDeleteBrush
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 439KB - Virtual size: 438KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 732KB - Virtual size: 736KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE