f8a183b639b3d50af1905e368d2209c3a2daa884accbbc486565f0eb846aefcb

Sharing

Copy URL Twitter E-mail

General

Target

f8a183b639b3d50af1905e368d2209c3a2daa884accbbc486565f0eb846aefcb
Size

797KB
MD5

0e346906ec67179880d04750a5ff5a4b
SHA1

54684bc175abeaab9f8c7820daee20ebd494db86
SHA256

f8a183b639b3d50af1905e368d2209c3a2daa884accbbc486565f0eb846aefcb
SHA512

9d33efc3387e85c0f4d49e85aebdc892fbc2c012f8bd2770e21b1afaeb361f3841073deebea54efb734bdb353abbdcdd55a4c26990717088201f356d667a9e9b
SSDEEP

12288:hltWsHkXZ0b5QeVbY9mEoBd0aBB6d6tm9/X83pOVxeXSGmAAR:CLYJl0qBli/83gVgXWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8a183b639b3d50af1905e368d2209c3a2daa884accbbc486565f0eb846aefcb

Files

f8a183b639b3d50af1905e368d2209c3a2daa884accbbc486565f0eb846aefcb
.exe windows:6 windows x86 arch:x86

5baa95a80e8e337283fe672faa00a1ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Icesofts\IIME\Iimkit\Release\Iimkit.pdb

Imports

kernel32

LocalFree
WritePrivateProfileStringW
DeviceIoControl
GetDriveTypeW
DeleteCriticalSection
GlobalLock
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GlobalFree
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
Sleep
GetFileType
FreeLibraryAndExitThread
ExitThread
GetStdHandle
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualProtect
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GlobalAlloc
RtlUnwind
CreateSemaphoreW
ResetEvent
SetEvent
CreateEventW
InitializeCriticalSection
ReleaseSemaphore
GlobalUnlock
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
OutputDebugStringW
CreateThread
FreeLibrary
GetProcAddress
FindResourceW
LoadResource
FindResourceExW
LoadLibraryW
LockResource
FreeResource
SizeofResource
CopyFileW
FindClose
FindNextFileW
FindFirstFileW
GetFileSize
CloseHandle
CreateFileW
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
lstrcatA
VerifyVersionInfoW
VerSetConditionMask
lstrcmpW
GetPrivateProfileStringW
DeleteFileW
WaitForSingleObject
GetTempPathW
GlobalReAlloc
MulDiv
GetLastError
HeapSize
GetCurrentThreadId
InitializeCriticalSectionEx
LeaveCriticalSection
lstrcpyW
IsDebuggerPresent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetCPInfo
lstrcpynW
lstrlenW
LCMapStringEx
EncodePointer
GetStringTypeW
lstrcpynA
lstrcpyA
lstrlenA
GetSystemInfo
GetSystemDirectoryW
GetCurrentProcess
GetExitCodeProcess
MapViewOfFile
CreateFileMappingW
WideCharToMultiByte
GetModuleHandleW
MoveFileExW
lstrcatW
MultiByteToWideChar
SetFileAttributesW
UnmapViewOfFile
OpenFileMappingW
GetModuleFileNameW
CreateDirectoryW
HeapFree
WaitNamedPipeW
PeekNamedPipe
SetNamedPipeHandleState
EnterCriticalSection
SetLastError
lstrcmpA
GetProcessHeap

user32

wsprintfW
FindWindowW
DialogBoxIndirectParamW
GetDlgCtrlID
ShowWindow
UnionRect
GetWindowThreadProcessId
SetActiveWindow
SwitchToThisWindow
AttachThreadInput
GetForegroundWindow
SetForegroundWindow
UnregisterClassW
EndDialog
SendMessageW
GetDC
GetParent
GetDlgItem
SetDlgItemTextW
MessageBoxW
GetClientRect
SetFocus
IsDlgButtonChecked
GetDlgItemTextW
MapWindowPoints
GetMonitorInfoW
GetActiveWindow
SetWindowLongW
CheckRadioButton
SetWindowPos
GetWindowRect
GetWindow
CallWindowProcW
GetWindowLongW
EnableWindow
CheckDlgButton
SendDlgItemMessageW
VkKeyScanW
PostMessageW
EndPaint
BeginPaint
InvalidateRect
UpdateWindow
SystemParametersInfoW
DrawEdge
SetScrollPos
ScrollWindowEx
GetScrollInfo
FillRect
DestroyWindow
DefWindowProcW
SetScrollInfo
GetClassInfoExW
CreateDialogIndirectParamW
SetRect
MapDialogRect
LoadCursorW
RedrawWindow
IsWindow
RegisterClassExW
GetSystemMetrics
CreateWindowExW
MonitorFromWindow
PtInRect
DrawTextW
ToUnicode
GetKeyboardState
MapVirtualKeyW
GetWindowTextW
SetWindowTextW
InflateRect
GetDesktopWindow
GetWindowTextLengthW
SetParent
GetSysColorBrush
GetSysColor
ReleaseDC

gdi32

GetTextExtentPoint32W
CreatePen
Rectangle
SetBrushOrgEx
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
StretchBlt
GetTextExtentPointW
SetBkColor
SetStretchBltMode
CreateSolidBrush
EnumFontFamiliesW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetViewportOrgEx
SelectObject
GetStockObject
GetDeviceCaps
DeleteDC
SetTextColor
SetBkMode
GetObjectW
DeleteObject
CreateFontIndirectW

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

advapi32

RegCloseKey
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW

shell32

SHBrowseForFolderW
ord75
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListW
CommandLineToArgvW
SHGetSpecialFolderPathW

ole32

CLSIDFromString
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal

shlwapi

PathStripPathW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
StrToIntW
PathFileExistsW
StrChrW

gdiplus

GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFillPath
GdipSetTextRenderingHint
GdipDrawPath
GdipDeletePath
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageI
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromStreamICM
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImagePaletteSize
GdipDeleteFont
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipCreatePen1
GdipGetPixelOffsetMode
GdipDeletePen
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateBitmapFromScan0
GdipGetSmoothingMode
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetTextRenderingHint
GdipMeasureString
GdipGetLogFontW
GdipCreateFromHDC
GdipSaveImageToFile
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipSaveImageToStream
GdipGetDpiY
GdipGetDpiX
GdipReleaseDC
GdipGetDC
GdipAddPathArc
GdipAddPathLine
GdipCreatePath
GdipImageRotateFlip
GdipCloneBitmapArea
GdipDrawImageRectRectI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPageUnit
GdipGetCompositingQuality
GdipGetInterpolationMode
GdipGetPageUnit
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDrawLineI
GdipStringFormatGetGenericTypographic
GdiplusStartup

msimg32

TransparentBlt
AlphaBlend

comctl32

_TrackMouseEvent

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 545KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5baa95a80e8e337283fe672faa00a1ec

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

gdiplus

msimg32

comctl32

wininet

urlmon

version

Sections

.text Size: 545KB - Virtual size: 544KB

.rdata Size: 186KB - Virtual size: 186KB

.data Size: 10KB - Virtual size: 14KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 545KB - Virtual size: 544KB

.rdata
Size: 186KB - Virtual size: 186KB

.data
Size: 10KB - Virtual size: 14KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 24KB - Virtual size: 23KB