t:\source\fdsw\fdsapi\Win32\Release\fdsapi32.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd.dll
Resource: win10v2004-20240802-en
General
Target: 4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd
Size: 2.4MB
MD5: 07f95a33937f5dc9e0f4b09f3ba3b2be
SHA1: a5714d96e318ba9278057d9ab078b206e7da8cd8
SHA256: 4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd
SHA512: a20fab60ffeb6f4c106a5e0052321001cb06f98da3a8fbc164c10fdfb9b53f12b07bf41353ed9e8c6a7d8d0ae518b4a3f6e568ea8531730456493be43a9710df
SSDEEP: 49152:RrG5cCuYaMm6ekMOXgwd6dU45UJcpLv/TldEwTenoBnctgh6VdNPc8z:RrGefYaAekbXgwd6dU4G8v/eoBncaGd6
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the PE's certificate table (IMAGE_DIRECTORY_ENTRY_SECURITY) carries no embedded signature. Treat this as a weak indicator on its own: much legitimate software ships unsigned, and a file signed through a Windows catalog (.cat) rather than an embedded signature trips the same check.
resource 4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd
Files
4d529ce8aa87ba463010b8ed7b426182c5acd96832ba5f02ab4b77505ea4b7fd.dll regsvr32 windows:6 windows x86 arch:x86
56750b099c2895e4a72beff9b93b81ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
t:\source\fdsw\fdsapi\Win32\Release\fdsapi32.pdb
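The "Unsigned PE" signature above and the IMAGE_FILE_* / IMAGE_DLLCHARACTERISTICS_* flags listed under Headers both come straight out of the PE headers. The following script is an added example, not part of the sandbox report or of the analysed DLL: it parses the DOS, COFF and optional headers with the Python standard library only, reports the DLL/32-bit/ASLR/DEP flags, and decides whether an embedded Authenticode signature exists by reading the certificate table (IMAGE_DIRECTORY_ENTRY_SECURITY). The `build_minimal_pe` helper is a constructed test input (a bare PE32 DLL header with the same flags this sample shows, plus a dummy WIN_CERTIFICATE blob when asked for one); it is not derived from the sample.

```python
"""Report PE header flags and Authenticode presence using only the stdlib.

Added example (not from the sandbox report). The security data directory is
the one directory whose first field is a file offset rather than an RVA,
because the certificate table is never mapped into memory.
"""
import struct

# Flag values from winnt.h
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
IMAGE_FILE_DLL = 0x2000
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # ASLR opt-in
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100      # DEP opt-in
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def inspect_pe(data: bytes) -> dict:
    """Return header facts about a PE image held in memory."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, _nsec, _ts, _symtab, _nsyms, _opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]

    cert_off = cert_len = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_len = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)

    if cert_len == 0:
        sig_state, cert_type = "none", None            # what "Unsigned PE" keys on
    elif cert_len < 8 or cert_off + cert_len > len(data):
        sig_state, cert_type = "truncated", None       # table points past EOF: carved or cut-off file
    else:
        _dw_len, _rev, cert_type = struct.unpack_from("<IHH", data, cert_off)  # WIN_CERTIFICATE header
        sig_state = "present" if cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA else "unknown-type"

    return {
        "machine": machine,
        "pe32plus": magic == PE32PLUS_MAGIC,
        "is_executable_image": bool(file_chars & IMAGE_FILE_EXECUTABLE_IMAGE),
        "is_32bit_machine": bool(file_chars & IMAGE_FILE_32BIT_MACHINE),
        "is_dll": bool(file_chars & IMAGE_FILE_DLL),
        "aslr": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
        "dep": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "cert_table": (cert_off, cert_len),
        "cert_type": cert_type,
        "signature_state": sig_state,
        "has_authenticode": sig_state == "present",
    }


def build_minimal_pe(signed: bool, truncate_cert: bool = False) -> bytes:
    """Constructed test input: a PE32 DLL header carrying the same flags the
    report lists (EXECUTABLE_IMAGE, 32BIT_MACHINE, DLL, DYNAMIC_BASE, NX_COMPAT),
    optionally followed by a dummy WIN_CERTIFICATE blob. Not a real signature."""
    E_LFANEW = 0x40
    dos = bytearray(E_LFANEW)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, E_LFANEW)
    file_chars = IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE | IMAGE_FILE_DLL
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, file_chars)  # 0x14C = IMAGE_FILE_MACHINE_I386
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<H", opt, 70, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    image = dos + b"PE\0\0" + coff + opt  # 312 bytes, already 8-byte aligned for the cert table
    if signed:
        payload = b"\x30\x82\x00\x00"  # stand-in for a PKCS#7 SignedData DER blob
        cert = struct.pack("<IHH", 8 + len(payload), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + payload
        sec_dir = len(dos) + 4 + len(coff) + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        struct.pack_into("<II", image, sec_dir, len(image), len(cert))
        if not truncate_cert:  # leave the directory pointing past EOF to simulate a cut-off sample
            image += cert
    return bytes(image)


if __name__ == "__main__":
    import json, sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(signed=False)
    print(json.dumps(inspect_pe(blob), indent=2))
```

Run it as `python pe_headers.py sample.dll` to get the same facts the report shows for a file of your own. Two caveats carry over to any such check: a populated certificate table only means a signature blob is attached, not that it validates (use `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature` for that), and a catalog-signed file reports `none` here while still being signed from Windows' point of view.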
Imports
kernel32
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
InterlockedFlushSList
RtlUnwind
OpenEventA
CompareStringEx
GetLocaleInfoEx
LCMapStringW
LCMapStringEx
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
QueryPerformanceFrequency
GetFileInformationByHandleEx
AreFileApisANSI
SetFilePointerEx
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
CreateFileW
CreateDirectoryW
GetStringTypeW
OutputDebugStringW
CompareStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameA
GetProfileIntA
GetTickCount64
GetWindowsDirectoryA
FindResourceExW
GetACP
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetConsoleOutputCP
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVersionExA
GlobalFindAtomA
lstrcmpW
LoadLibraryExW
GetSystemDirectoryW
GlobalFlags
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
ResumeThread
SetThreadPriority
SetEvent
FileTimeToSystemTime
lstrcmpA
CompareStringA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
CopyFileA
GlobalSize
SetLastError
VerifyVersionInfoA
MulDiv
LoadLibraryA
GetTempPathA
VerSetConditionMask
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateFileMappingA
FormatMessageW
MapViewOfFileEx
SwitchToThread
DuplicateHandle
DeleteFileA
CreateFileA
LocalAlloc
UnmapViewOfFile
GetSystemTimeAsFileTime
FormatMessageA
LocalFree
GetModuleFileNameW
GetSystemTime
GetSystemInfo
GetCurrentProcessId
GetCurrentProcess
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetVolumeInformationA
FatalAppExitA
IsDBCSLeadByte
FindResourceA
lstrcpyA
LoadLibraryExA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GlobalUnlock
GetModuleFileNameA
FreeLibrary
DisableThreadLibraryCalls
CreateProcessA
GetCurrentThreadId
Sleep
CreateEventA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
CloseHandle
DecodePointer
EncodePointer
SearchPathA
GetTickCount
GlobalGetAtomNameA
GlobalAddAtomA
lstrcmpiA
GlobalDeleteAtom
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GlobalFree
GlobalLock
user32
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
IntersectRect
InvalidateRect
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
InflateRect
GetMenuItemInfoA
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
PostQuitMessage
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
DefWindowProcA
SendMessageTimeoutA
GetDesktopWindow
WindowFromPoint
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetSystemMenu
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
FindWindowExA
PackDDElParam
UnpackDDElParam
FreeDDElParam
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
PostMessageA
IsWindow
SetTimer
KillTimer
ReuseDDElParam
LoadStringA
wsprintfA
GetMessagePos
GetMessageTime
GetDlgItem
CreateDesktopA
OpenDesktopA
SetThreadDesktop
CloseDesktop
GetThreadDesktop
GetProcessWindowStation
GetUserObjectInformationA
RegisterClassA
UnregisterClassA
RegisterClipboardFormatA
CharNextA
CharNextW
MsgWaitForMultipleObjects
CallWindowProcA
CreateWindowExA
DestroyWindow
ShowWindow
IsWindowVisible
IsIconic
BringWindowToTop
GetActiveWindow
EnableWindow
IsWindowEnabled
SetPropA
GetPropA
RemovePropA
SetWindowLongA
GetParent
GetSystemMetrics
SystemParametersInfoA
GetMonitorInfoA
EnumDisplayMonitors
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
UnhookWindowsHookEx
SendMessageA
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
DestroyIcon
CharUpperA
GetDlgCtrlID
GetFocus
SetWindowTextA
GetWindowRect
ClientToScreen
PtInRect
GetClassNameA
GetWindow
RealChildWindowFromPoint
SetFocus
SetScrollPos
GetScrollPos
MoveWindow
SetWindowPos
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
SetClassLongA
gdi32
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
CreateFontIndirectA
DeleteDC
GetDeviceCaps
GetTextExtentPoint32A
SelectObject
GetTextMetricsA
GetTextFaceA
CopyMetaFileA
CreateDCA
DeleteObject
CreateBitmap
SetBkColor
SetTextColor
GetObjectA
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
CreateDIBitmap
LineTo
GetObjectType
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteTreeW
RegDeleteTreeA
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
GetUserNameA
shell32
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
shlwapi
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
uxtheme
OpenThemeData
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
DrawThemeParentBackground
DrawThemeText
CloseThemeData
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
UnRegisterTypeLi
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysFreeString
SysAllocStringLen
VariantChangeType
VariantCopy
VariantClear
VariantInit
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayCreate
SysAllocStringByteLen
SysAllocString
SysStringByteLen
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusShutdown
GdipDisposeImage
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
version
VerQueryValueA
Exports
(DllCanUnloadNow, DllGetClassObject, DllRegisterServer and DllUnregisterServer are the standard COM in-process server entry points, which is why the sandbox loaded the file through regsvr32. The _Name@N entries are stdcall-decorated export names, N being the size in bytes of the arguments, listed alongside the undecorated FDS_ names.)
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FDS_ActivateFDSW
FDS_BinConstStr
FDS_BinData
FDS_BinDataLen
FDS_BinDataType
FDS_BinDate
FDS_BinDouble
FDS_BinFloat
FDS_BinLong
FDS_BinNthString
FDS_BinNumElems
FDS_BinShort
FDS_BinString
FDS_BinStructSize
FDS_BinULong
FDS_BinUShort
FDS_BinXtra
FDS_CDateToJulian
FDS_CDateToNumeric
FDS_CancelWait
FDS_CleanupAPI
FDS_DateToJulian
FDS_DoLogoff
FDS_DoLogon
FDS_FetchConstStr
FDS_FetchData
FDS_FetchData2
FDS_FetchDate
FDS_FetchDouble
FDS_FetchFloat
FDS_FetchLong
FDS_FetchShort
FDS_FetchString
FDS_FetchTkrConstStr
FDS_FetchTkrData
FDS_FetchTkrDate
FDS_FetchTkrDouble
FDS_FetchTkrFloat
FDS_FetchTkrLong
FDS_FetchTkrShort
FDS_FetchTkrString
FDS_FetchTkrULong
FDS_FetchTkrUShort
FDS_FetchULong
FDS_FetchUShort
FDS_ForgetQueuedRequests
FDS_GetInfo
FDS_GetLastErrorText
FDS_GetOnline
FDS_GetResults
FDS_GetResults2
FDS_GetResultsConstStr
FDS_GetResultsDate
FDS_GetResultsDouble
FDS_GetResultsFloat
FDS_GetResultsLong
FDS_GetResultsShort
FDS_GetResultsString
FDS_GetResultsULong
FDS_GetResultsUShort
FDS_GetServerMode
FDS_InitializeAPI
FDS_Internal1
FDS_Internal2
FDS_Internal3
FDS_Internal4
FDS_IsOnline
FDS_JulianToCDate
FDS_JulianToCDate1
FDS_JulianToDate
FDS_JulianToWeekday
FDS_LoadParamFile
FDS_QueueInfo
FDS_QueueInfoCallback
FDS_QueueInfoMessage
FDS_QueueRequest
FDS_QueueRequest2
FDS_QueueRequestCallback
FDS_QueueRequestCallback2
FDS_QueueRequestMessage
FDS_QueueTkrRequest
FDS_QueueTkrRequestCallback
FDS_QueueTkrRequestMessage
FDS_QuitFDSW
FDS_RunApplication
FDS_RunAutoKey
FDS_SetAbortCheck
FDS_SetPreference
FDS_SetServerMode
FDS_SetWaitFunc
FDS_SetWaitLock
FDS_StartApplication
FDS_WaitFor
_DllMain@12
_FDS_ActivateFDSW@0
_FDS_BinConstStr@16
_FDS_BinData@12
_FDS_BinDataLen@4
_FDS_BinDataType@4
_FDS_BinDate@12
_FDS_BinDouble@12
_FDS_BinFloat@12
_FDS_BinLong@12
_FDS_BinNthString@16
_FDS_BinNumElems@4
_FDS_BinShort@12
_FDS_BinString@12
_FDS_BinStructSize@4
_FDS_BinULong@12
_FDS_BinUShort@12
_FDS_BinXtra@4
_FDS_CDateToJulian@4
_FDS_CDateToNumeric@4
_FDS_CancelWait@0
_FDS_CleanupAPI@0
_FDS_DateToExcelSerial@28
_FDS_DateToJulian@12
_FDS_DoLogoff@0
_FDS_DoLogon@0
_FDS_FetchConstStr@16
_FDS_FetchData2@8
_FDS_FetchData@8
_FDS_FetchDate@12
_FDS_FetchDouble@12
_FDS_FetchFloat@12
_FDS_FetchLong@12
_FDS_FetchShort@12
_FDS_FetchString@12
_FDS_FetchTkrConstStr@20
_FDS_FetchTkrData@12
_FDS_FetchTkrDate@16
_FDS_FetchTkrDouble@16
_FDS_FetchTkrFloat@16
_FDS_FetchTkrLong@16
_FDS_FetchTkrShort@16
_FDS_FetchTkrString@16
_FDS_FetchTkrULong@16
_FDS_FetchTkrUShort@16
_FDS_FetchULong@12
_FDS_FetchUShort@12
_FDS_ForgetQueuedRequests@0
_FDS_GetInfo@20
_FDS_GetLastErrorText@8
_FDS_GetOnline@0
_FDS_GetResults2@8
_FDS_GetResults@8
_FDS_GetResultsConstStr@16
_FDS_GetResultsDate@12
_FDS_GetResultsDouble@12
_FDS_GetResultsFloat@12
_FDS_GetResultsLong@12
_FDS_GetResultsShort@12
_FDS_GetResultsString@12
_FDS_GetResultsULong@12
_FDS_GetResultsUShort@12
_FDS_GetServerMode@0
_FDS_InitializeAPI@0
_FDS_Internal1@8
_FDS_Internal2@8
_FDS_Internal3@12
_FDS_Internal4@20
_FDS_IsOnline@0
_FDS_JulianToCDate1@8
_FDS_JulianToCDate@8
_FDS_JulianToDate@16
_FDS_JulianToWeekday@4
_FDS_LoadParamFile@4
_FDS_QueueInfo@8
_FDS_QueueInfoCallback@16
_FDS_QueueInfoMessage@16
_FDS_QueueRequest2@8
_FDS_QueueRequest@8
_FDS_QueueRequestCallback2@16
_FDS_QueueRequestCallback@16
_FDS_QueueRequestMessage@16
_FDS_QueueTkrRequest@12
_FDS_QueueTkrRequestCallback@20
_FDS_QueueTkrRequestMessage@20
_FDS_QuitFDSW@0
_FDS_RunApplication@12
_FDS_RunAutoKey@12
_FDS_SetAbortCheck@4
_FDS_SetPreference@8
_FDS_SetServerMode@4
_FDS_SetWaitFunc@4
_FDS_SetWaitLock@4
_FDS_StartApplication@8
_FDS_WaitFor@8
_fds_fetch_data@12
_fds_get_error@0
_fds_run_app@8
_fds_run_autokey@8
_fds_start_app@8
_wbase_callback@16
fds_fetch_data
fds_get_error
fds_run_app
fds_run_autokey
fds_start_app
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 395KB - Virtual size: 394KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ