D:\Projects\qtranslate\Bin\QTranslate.pdb
Static task: static1
Behavioral task behavioral1: sample 9cc056372b65dd3f258f15a908d2d9b0N.exe, resource win7-20240705-en
Behavioral task behavioral2: sample 9cc056372b65dd3f258f15a908d2d9b0N.exe, resource win10v2004-20240802-en
General
Target: 9cc056372b65dd3f258f15a908d2d9b0N.exe
Size: 1.5MB
MD5: 9cc056372b65dd3f258f15a908d2d9b0
SHA1: aa3e7825c543ba0641e1e479c9e470ac05c9979a
SHA256: 4e09b57b107444f76e2f7921b145dfa7209cec9004708501b789c9d4abf17c1b
SHA512: 9ff41130db772c41cedb7b21434bfb9b83bc21e586f854615b397d5c34a8b7dd3bc1813798252e77474e64d5a07f06ca96983e2c56c7b10b1c45e83dee40125f
SSDEEP: 24576:JYV8tKq67J18F3AG+XEE5HwKXJtZLGLeL67jFfdoSakAvTHAEEDsDk+uTDPWl/Fj:JY6Kq67J18FwUE5H9QVFTAr0DTrGFj
Malware Config
(none extracted)
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: 9cc056372b65dd3f258f15a908d2d9b0N.exe
Files
9cc056372b65dd3f258f15a908d2d9b0N.exe.exe (windows:5 windows x86 arch:x86) f7309483433953822c48313d3887929b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
IsDebuggerPresent
OutputDebugStringW
SetEndOfFile
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadConsoleW
FreeLibraryAndExitThread
ExitThread
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
FindNextFileW
FindFirstFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
GetSystemDefaultUILanguage
GetSystemTime
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
GetFileSizeEx
SetFilePointer
MoveFileExW
VerifyVersionInfoW
VerSetConditionMask
GetModuleHandleA
InitializeCriticalSection
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryW
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetFileType
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InterlockedIncrement
DeleteFileW
GetFileSize
WriteFile
ReadFile
CreateFileW
GetModuleHandleW
GetCommandLineW
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
LocalFree
FormatMessageW
LCMapStringW
LoadLibraryExA
GetThreadPriority
SetThreadPriority
TerminateThread
ResumeThread
SuspendThread
CreateThread
ResetEvent
WaitForSingleObject
SetEvent
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryW
DecodePointer
CreateMutexW
WideCharToMultiByte
lstrcmpiW
GetModuleFileNameW
CompareStringW
MultiByteToWideChar
SetLastError
GetLocaleInfoW
Sleep
QueueUserWorkItem
MulDiv
GetCurrentThreadId
GetVersionExW
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
QueryDosDeviceW
CloseHandle
OpenProcess
GetEnvironmentVariableA
GetTimeZoneInformation
FindResourceW
HeapReAlloc
HeapSize
HeapDestroy
GetFileAttributesW
RaiseException
InitializeCriticalSectionAndSpinCount
user32
DrawIconEx
FrameRect
BeginPaint
EndPaint
IsWindow
GetWindowDC
ReleaseDC
GetClientRect
SetRectEmpty
SetTimer
KillTimer
CountClipboardFormats
UnhookWinEvent
SetWinEventHook
SetClipboardData
GetClipboardSequenceNumber
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
MsgWaitForMultipleObjectsEx
PeekMessageW
InvalidateRect
GetIconInfo
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
GetWindowInfo
IsZoomed
CopyImage
EnumWindows
IsRectEmpty
SetActiveWindow
GetDlgCtrlID
GetMenuState
SendInput
TranslateAcceleratorW
LoadAcceleratorsW
GetAsyncKeyState
SetWindowPlacement
CreateDialogParamW
IsMenu
SetLayeredWindowAttributes
DialogBoxParamW
EndDialog
CheckDlgButton
IsDlgButtonChecked
GetDesktopWindow
GetClassNameW
GetAncestor
SetWindowRgn
LoadImageW
DefWindowProcW
SetWindowLongW
IsWindowUnicode
EnumClipboardFormats
FindWindowW
WindowFromPoint
EnumChildWindows
GetClassInfoExW
RegisterClassExW
RedrawWindow
EqualRect
IntersectRect
PostQuitMessage
MessageBoxW
GetRawInputData
SystemParametersInfoW
RegisterWindowMessageW
GetLastInputInfo
GetGUIThreadInfo
GetWindowLongW
GetDlgItem
SetDlgItemTextW
SetWindowPos
MapWindowPoints
GetParent
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
ScreenToClient
SetWindowTextW
IsChild
IsDialogMessageW
DestroyWindow
GetWindowThreadProcessId
MonitorFromRect
GetComboBoxInfo
GetMessageW
GetSysColor
PostMessageW
MapVirtualKeyW
GetKeyNameTextW
CreateWindowExW
SendMessageW
CheckMenuItem
CheckMenuRadioItem
GetMenuItemInfoW
CreatePopupMenu
LoadMenuW
GetSubMenu
DestroyMenu
SetMenuItemInfoW
AppendMenuW
GetKeyboardLayout
GetForegroundWindow
GetCapture
GetMessagePos
RemoveMenu
EnableMenuItem
GetMenuItemCount
SetForegroundWindow
TrackPopupMenu
GetCursorPos
GetKeyboardLayoutList
VkKeyScanExW
ToUnicodeEx
GetSystemMetrics
RegisterRawInputDevices
RegisterHotKey
UnregisterHotKey
GetDC
DestroyIcon
OffsetRect
SetRect
DrawFocusRect
GetFocus
GetActiveWindow
LoadIconW
SendDlgItemMessageW
SetDlgItemInt
GetKeyState
GetDoubleClickTime
GetDlgItemInt
EnableWindow
InsertMenuItemW
ClientToScreen
GetCursor
LoadCursorW
SetCursor
DrawTextW
CopyRect
MoveWindow
InflateRect
SetFocus
IsIconic
ShowWindow
GetWindowPlacement
MonitorFromPoint
PtInRect
ReleaseCapture
SetCapture
IsWindowEnabled
UnregisterClassW
CallWindowProcW
IsWindowVisible
GetWindowTextLengthW
GetWindowTextW
GetClassLongW
advapi32
CryptReleaseContext
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
CryptDestroyHash
CryptAcquireContextW
CryptGenRandom
CryptCreateHash
CryptHashData
CryptGetHashParam
ole32
OleRun
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
OleUninitialize
OleInitialize
CoCreateInstance
shell32
Shell_NotifyIconW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExW
ShellExecuteW
SHGetFolderPathW
ExtractIconW
oleaut32
SetErrorInfo
GetErrorInfo
CreateErrorInfo
VariantClear
SysStringLen
SysFreeString
SysAllocString
SafeArrayCreateVector
SysAllocStringLen
DispCallFunc
VariantCopyInd
VariantCopy
VariantChangeType
SafeArrayDestroy
VariantInit
shlwapi
ColorRGBToHLS
PathFindExtensionW
PathAppendW
HashData
PathRemoveExtensionW
ColorHLSToRGB
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
gdi32
ExcludeClipRect
CreatePolygonRgn
IntersectClipRect
CreateRoundRectRgn
CreateRectRgn
GetTextExtentPoint32W
SetViewportOrgEx
GetTextMetricsW
CreateCompatibleBitmap
GetDIBits
GetPixel
ExtTextOutW
SetBkColor
GetStockObject
CreateSolidBrush
RoundRect
CreateBitmap
DeleteDC
GetObjectW
DeleteObject
CreateCompatibleDC
SetPixelV
GetTextColor
LineTo
MoveToEx
CreateFontIndirectW
BitBlt
Rectangle
SelectObject
CreatePen
SetROP2
EnumFontFamiliesExW
GetDeviceCaps
SetTextColor
SetBkMode
SelectClipRgn
psapi
EnumProcesses
GetProcessImageFileNameW
oleacc
AccessibleObjectFromPoint
winhttp
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpGetProxyForUrl
WinHttpOpen
sensapi
IsNetworkAlive
msimg32
AlphaBlend
GradientFill
comctl32
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_SetBkColor
_TrackMouseEvent
ord411
ord412
ord410
ord413
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Create
gdiplus
GdipAlloc
GdipDeleteBrush
GdipCloneBrush
GdipCreateLineBrushFromRect
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipFillRectangle
GdipCreateSolidFill
GdipCreatePen2
GdipDeletePen
GdipDrawRectangle
GdipDisposeImage
GdipCreatePath
GdipDeletePath
GdipResetPath
GdipClosePathFigure
GdipAddPathLine
ord1
GdipDrawPath
GdipFillPath
GdipCloneImage
GdipSaveImageToFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipCreateHICONFromBitmap
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCreatePen1
GdipFree
comdlg32
GetOpenFileNameW
GetSaveFileNameW
ChooseColorW
bass
BASS_StreamFree
BASS_RecordInit
BASS_RecordFree
BASS_RecordStart
BASS_ErrorGetCode
BASS_ChannelPlay
BASS_RecordGetInput
BASS_StreamCreateFile
BASS_Init
BASS_Free
BASS_ChannelSetSync
BASS_ChannelStop
BASS_RecordSetDevice
crypt32
CertFreeCertificateContext
CertEnumCertificatesInStore
CertFindCertificateInStore
PFXImportCertStore
CertOpenStore
CryptStringToBinaryW
CryptDecodeObjectEx
CertGetCertificateChain
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CryptQueryObject
CertFreeCertificateChain
CertFindExtension
CertCreateCertificateChainEngine
CertCloseStore
ws2_32
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
send
WSAResetEvent
WSAEventSelect
WSASetEvent
WSACreateEvent
WSACloseEvent
WSACleanup
WSAGetLastError
accept
listen
htonl
getaddrinfo
freeaddrinfo
ioctlsocket
__WSAFDIsSet
select
bind
WSAIoctl
closesocket
WSASetLastError
getpeername
getsockname
socket
ntohs
connect
getsockopt
htons
setsockopt
recv
WSAStartup
Sections
.text: Size 1.0MB, Virtual size 1.0MB, flags IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: Size 212KB, Virtual size 212KB, flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: Size 19KB, Virtual size 29KB, flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc: Size 77KB, Virtual size 77KB, flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc: Size 46KB, Virtual size 46KB, flags IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ