c948b512d2c9fa706b50f851f6252ae35ad03b2c9902bd163d3df366f8170209

Sharing

Copy URL Twitter E-mail

General

Target

c948b512d2c9fa706b50f851f6252ae35ad03b2c9902bd163d3df366f8170209
Size

698KB
MD5

a06a9237d0491f32fde48af2345a476d
SHA1

6bee10ed4167a25a46bd418b3083634dd6bfe350
SHA256

c948b512d2c9fa706b50f851f6252ae35ad03b2c9902bd163d3df366f8170209
SHA512

739b5b99c2c5bbeba5ccbba1754cbeb2a3a925748b8c31022ac9505c3a741b745a06275e7faa0e28a7162e753fc4b5ba36d373d9361b34e00e26cd0c9399a0b1
SSDEEP

12288:iGuk8VciFlhCROZ+hzlkALdkpbfIZpbSeE9Xl1QIR4t7bE9O:iGuk/sCU4zlkA0bfIZpueE1s7bE9O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c948b512d2c9fa706b50f851f6252ae35ad03b2c9902bd163d3df366f8170209

Files

c948b512d2c9fa706b50f851f6252ae35ad03b2c9902bd163d3df366f8170209
.exe windows:6 windows x86 arch:x86

d4ff1ba3a811d61c57affb1a31f0e0e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Git-repo\sogou_release\chrome\src\out\Release_x86\QQBrowserFix.pdb

Imports

kernel32

HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
CreateThread
QueueUserWorkItem
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
CreateMutexW
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
GetProcessHeap
CreateProcessW
CloseHandle
OpenMutexW
SetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
ChangeTimerQueueTimer
DeleteTimerQueueTimer
CreateTimerQueueTimer
DeleteTimerQueue
CreateTimerQueue
GetTickCount
Sleep
MulDiv
GetModuleHandleW
GetVersionExW
GetProcAddress
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ExpandEnvironmentStringsW
SetFilePointerEx
SetStdHandle
GetCurrentDirectoryW
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
RtlUnwind
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
QueryPerformanceCounter
LCMapStringEx
EncodePointer
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
DeviceIoControl
SetEvent
GetSystemTimeAsFileTime
TerminateThread
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OutputDebugStringW
FlushInstructionCache
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VerifyVersionInfoW
VerSetConditionMask
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
GetModuleFileNameW
LoadLibraryExW
lstrlenW
GlobalFree
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventW
GetTempPathW
GetLocalTime
GetShortPathNameW
GetCurrentProcess
OpenProcess
lstrcmpiW
LocalFree
CopyFileW
MoveFileExW
RemoveDirectoryW
GetCurrentProcessId
GetFileAttributesW
GetSystemDirectoryW
LoadLibraryW
CreateDirectoryW
CreateFileW
WriteFile
GetFileSize
ReadFile
GetFullPathNameW
FindResourceExW
GetSystemDefaultLangID
LocalAlloc
K32GetMappedFileNameW
VirtualAlloc

user32

SetRectEmpty
GetSysColor
GetDC
ReleaseDC
GetDesktopWindow
GetWindowRect
MoveWindow
GetClientRect
ScreenToClient
EndDialog
CopyRect
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
UnregisterClassW
LoadImageW
GetSystemMetrics
SendMessageW
SetWindowPos
MapWindowPoints
GetParent
GetMonitorInfoW
MonitorFromWindow
GetWindow
ShowWindow
IsWindow
PostQuitMessage
PostMessageW
InvalidateRect
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
wsprintfW
DialogBoxParamW
DrawTextW
GetMessageW
TranslateMessage
DispatchMessageW
EnumChildWindows
EndPaint
BeginPaint
IsWindowEnabled
IntersectRect
GetCursorPos
PtInRect
LoadStringW
GetWindowThreadProcessId
FindWindowExW
FindWindowW
IsWindowVisible
SendInput
GetForegroundWindow
SetForegroundWindow
EnumWindows
ClientToScreen
IsRectEmpty
SetWindowRgn
UpdateLayeredWindow
UnionRect
ReleaseCapture
SetCapture
EqualRect
IsZoomed
IsIconic
GetWindowDC
DrawFocusRect
UpdateWindow
SetTimer
KillTimer
OffsetRect
DestroyWindow
SetCursor

gdi32

GetStockObject
CreateDIBSection
SetViewportOrgEx
CreateCompatibleDC
GetObjectW
SaveDC
RestoreDC
GetDeviceCaps
SetBkColor
ExtTextOutW
DeleteObject
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
GetViewportOrgEx
GetClipBox
RectVisible
SelectClipRgn
CreateRectRgnIndirect
BitBlt
DeleteDC
CombineRgn
SetDIBColorTable
GetCurrentObject
MoveToEx
LineTo
GetTextExtentPoint32W
GetTextExtentExPointW
SetBitmapBits
GetBitmapBits

advapi32

RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
TraceEvent
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
GetTokenInformation
IsValidSid
ConvertSidToStringSidW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
LookupAccountNameW
GetUserNameW
GetSidSubAuthority
RegQueryValueExA

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear

shlwapi

PathRemoveBlanksW
PathCombineW
PathRemoveBackslashW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW
PathFindFileNameW

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateLineBrush
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipFillEllipseI
GdipCreatePen1
GdipDeletePen
GdipSetPenWidth
GdipDrawEllipseI
GdipGetImageWidth
GdipGetImageHeight
GdiplusShutdown
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipDisposeImage
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRectRectI
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromResource
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette

netapi32

Netbios
NetWkstaTransportEnum
NetApiBufferFree

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

htons
htonl

winhttp

WinHttpConnect
WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReadData
WinHttpWriteData
WinHttpReceiveResponse
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpOpen

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid
PropVariantClear
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

Sections

.text
Size: 426KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4ff1ba3a811d61c57affb1a31f0e0e7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

netapi32

version

ws2_32

winhttp

ole32

Sections

.text Size: 426KB - Virtual size: 426KB

.rdata Size: 119KB - Virtual size: 119KB

.data Size: 9KB - Virtual size: 80KB

.rsrc Size: 120KB - Virtual size: 120KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 426KB - Virtual size: 426KB

.rdata
Size: 119KB - Virtual size: 119KB

.data
Size: 9KB - Virtual size: 80KB

.rsrc
Size: 120KB - Virtual size: 120KB

.reloc
Size: 21KB - Virtual size: 21KB