ac0302d3a6bc2d36f555a80a888aa7b370d1b525ac53b67870b3ec18c6181c70

Sharing

Copy URL

Twitter E-mail

General

Target

ac0302d3a6bc2d36f555a80a888aa7b370d1b525ac53b67870b3ec18c6181c70
Size

895KB
MD5

fd085de95e7255442c0d96f3722a267a
SHA1

73df115b9e49ab8c25ba90b46cfd94ed7ad6b4d8
SHA256

ac0302d3a6bc2d36f555a80a888aa7b370d1b525ac53b67870b3ec18c6181c70
SHA512

a4a7cf57c8f628531fa8009ddf3e712eabc0de1db72f209926a53d5ba2577d2db7778b162006a479c532253254aadbcbb727866def9974de79b7fc72649eb5a6
SSDEEP

12288:E8EVpuSdWxLKEXLLBoJPQgMafKLRhF/dHmNOquGdGw4IL1I9R4NqavVPK:EXVpnWAEXXkfynF/dHka+D6qnc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac0302d3a6bc2d36f555a80a888aa7b370d1b525ac53b67870b3ec18c6181c70

Files

ac0302d3a6bc2d36f555a80a888aa7b370d1b525ac53b67870b3ec18c6181c70
.exe windows:6 windows x86 arch:x86

1914accbc8f85a1763237232543f3937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Git-repo\qb10frame\chrome\src\out\Release_x86\QQBrowserFix.pdb

Imports

kernel32

OpenMutexW
CloseHandle
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
CreateMutexW
SetLastError
FindFirstFileW
FindNextFileW
SetThreadContext
FindClose
QueueUserWorkItem
CreateThread
HeapFree
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
ChangeTimerQueueTimer
DeleteTimerQueueTimer
CreateTimerQueueTimer
DeleteTimerQueue
CreateTimerQueue
GetTickCount
Sleep
MulDiv
GetVersionExW
GetModuleHandleW
HeapSize
HeapReAlloc
HeapAlloc
DecodePointer
HeapDestroy
GetProcessHeap
GetThreadContext
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetProcAddress
ExpandEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
SetStdHandle
GetCurrentDirectoryW
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
RtlUnwind
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
QueryPerformanceCounter
LCMapStringEx
EncodePointer
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
DeviceIoControl
WaitForMultipleObjects
CreateFileMappingW
SetEvent
GetSystemTimeAsFileTime
TerminateThread
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VerifyVersionInfoW
VerSetConditionMask
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
GetModuleFileNameW
LoadLibraryExW
lstrlenW
GlobalFree
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventW
GetTempPathW
GetLocalTime
GetShortPathNameW
GetCurrentProcess
OpenProcess
lstrcmpiW
LocalFree
CopyFileW
MoveFileExW
RemoveDirectoryW
GetCurrentProcessId
GetFileAttributesW
GetSystemDirectoryW
LoadLibraryW
CreateDirectoryW
CreateFileW
SetFilePointer
WriteFile
GetFileSize
ReadFile
GetFullPathNameW
FindResourceExW
GetSystemDefaultLangID
LocalAlloc
MapViewOfFile
UnmapViewOfFile
ResumeThread
K32GetMappedFileNameW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW

user32

MonitorFromWindow
GetWindow
ShowWindow
IsWindow
PostQuitMessage
PostMessageW
InvalidateRect
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
wsprintfW
DialogBoxParamW
DrawTextW
GetMessageW
TranslateMessage
DispatchMessageW
MapWindowPoints
SetWindowPos
SendMessageW
GetSystemMetrics
LoadImageW
UnregisterClassW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
PostThreadMessageW
PeekMessageW
GetMonitorInfoW
LoadStringW
GetWindowThreadProcessId
FindWindowExW
FindWindowW
IsWindowVisible
SendInput
GetForegroundWindow
SetForegroundWindow
EnumWindows
ClientToScreen
SetWindowRgn
UpdateLayeredWindow
IsZoomed
IsIconic
GetWindowDC
DrawFocusRect
UpdateWindow
SetCursor
SetRectEmpty
EnumChildWindows
EndPaint
BeginPaint
IsRectEmpty
IsWindowEnabled
IntersectRect
GetCursorPos
PtInRect
CopyRect
EndDialog
ScreenToClient
GetClientRect
MoveWindow
GetWindowRect
GetDesktopWindow
ReleaseDC
GetDC
GetSysColor
GetParent
OffsetRect
DestroyWindow
KillTimer
SetTimer
EqualRect
SetCapture
ReleaseCapture
UnionRect

gdi32

DeleteObject
CreateRectRgnIndirect
SelectClipRgn
RectVisible
GetClipBox
GetViewportOrgEx
RestoreDC
SaveDC
GetObjectW
CreateCompatibleDC
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
ExtTextOutW
SetBkColor
GetDeviceCaps
DeleteDC
SetViewportOrgEx
CreateDIBSection
GetStockObject
GetBitmapBits
SetBitmapBits
GetTextExtentExPointW
GetTextExtentPoint32W
CombineRgn
SetDIBColorTable
GetCurrentObject
MoveToEx
LineTo
BitBlt

advapi32

OpenProcessToken
RegOpenKeyExA
TraceEvent
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
IsValidSid
ConvertSidToStringSidW
GetSidIdentifierAuthority
LookupAccountNameW
GetUserNameW
GetSidSubAuthority
GetSidSubAuthorityCount

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

shlwapi

PathRemoveBlanksW
PathAppendW
PathIsDirectoryW
PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathRemoveBackslashW

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRectRectI
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromResource
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdiplusStartup
GdipCreateImageAttributes
GdiplusShutdown
GdipResetWorldTransform
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageHeight
GdipGetImageWidth
GdipDrawEllipseI
GdipSetPenWidth
GdipDeletePen
GdipDisposeImage
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreatePen1
GdipFillEllipseI
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateLineBrush
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC

netapi32

NetWkstaTransportEnum
NetApiBufferFree
Netbios

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

htonl
htons

winhttp

WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpOpen
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpWriteData
WinHttpSendRequest
WinHttpConnect
WinHttpReadData
WinHttpAddRequestHeaders

ole32

CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
PropVariantClear

Sections

.text
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1914accbc8f85a1763237232543f3937

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

netapi32

version

ws2_32

winhttp

ole32

Sections

.text Size: 464KB - Virtual size: 464KB

.rdata Size: 125KB - Virtual size: 124KB

.data Size: 9KB - Virtual size: 80KB

.detourc Size: 4KB - Virtual size: 4KB

.detourd Size: 512B - Virtual size: 12B

.rsrc Size: 268KB - Virtual size: 268KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 464KB - Virtual size: 464KB

.rdata
Size: 125KB - Virtual size: 124KB

.data
Size: 9KB - Virtual size: 80KB

.detourc
Size: 4KB - Virtual size: 4KB

.detourd
Size: 512B - Virtual size: 12B

.rsrc
Size: 268KB - Virtual size: 268KB

.reloc
Size: 22KB - Virtual size: 22KB