5f41454049ad006f5a14f48a0f7b2147e3a62e007995ecbdc0f6b73a8e4b4523

Sharing

Copy URL Twitter E-mail

General

Target

5f41454049ad006f5a14f48a0f7b2147e3a62e007995ecbdc0f6b73a8e4b4523
Size

532KB
MD5

557560a8d6ef77593d22f4a557da90d4
SHA1

eccaf49e09cb7b0727d6b4f31a6f83298bdee17b
SHA256

5f41454049ad006f5a14f48a0f7b2147e3a62e007995ecbdc0f6b73a8e4b4523
SHA512

10870fa8804c1cd80786e5fc9b4e47f3b8d87b4f297b1e6eeab11a62a616f174c263583fb3a094d40ca70519f50b7b4aee1570aa807ee1608f5e6fef17c4259b
SSDEEP

6144:zfzjX6F7IBQeewQeeqQeesQeefeQeefQee178SYZzn11yq+iruCdbOP24SUVlCge:znXiyQwP24SGiLvxjT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f41454049ad006f5a14f48a0f7b2147e3a62e007995ecbdc0f6b73a8e4b4523

Files

5f41454049ad006f5a14f48a0f7b2147e3a62e007995ecbdc0f6b73a8e4b4523
.exe windows:4 windows x86 arch:x86

c5164eaa12122e93624c78c6abdc0a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Seal\SVN\SealSource\trunk\Tool\Output\SetD3DDevice.pdb

Imports

d3d9

Direct3DCreate9

winmm

timeGetTime

kernel32

HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
GetSystemInfo
FindResourceA
SizeofResource
LoadResource
LockResource
GetVersionExA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
SetLastError
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
WritePrivateProfileStringA
InterlockedDecrement
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
LocalFree
FormatMessageA
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetThreadLocale
GetCurrentProcess
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
HeapReAlloc
VirtualAlloc
VirtualQuery
GetCommandLineA
GetStartupInfoA
ExitProcess
RaiseException
HeapSize
GetACP
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WriteFile
GetModuleHandleA
CompareStringA
GetVersion
GetLastError
InterlockedExchange
CreateToolhelp32Snapshot
Process32First
OpenProcess
GetPriorityClass
Process32Next
lstrcmpA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
lstrcpyA
lstrcatA
lstrlenA
lstrcpynA
GetModuleFileNameW

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetSubMenu
RegisterWindowMessageA
GetMenuItemCount
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
GetPropA
CopyRect
PtInRect
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetWindowTextA
SetFocus
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SendDlgItemMessageA
CheckRadioButton
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
WinHelpA
GetCapture
GetClassNameA
GetMenuItemID
SetPropA
RegisterClassA
CreateWindowExA
GetSystemMetrics
LoadImageA
LoadIconA
EnableWindow
DrawIcon
RemovePropA
GetForegroundWindow
ShowWindow
IsIconic
GetIconInfo
GetDC
ReleaseDC
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
SetWindowPos
DestroyMenu
DestroyWindow
PostQuitMessage
GetWindowLongA
SetCursor
DefWindowProcA
GetCursorPos
ScreenToClient
GetClientRect
MessageBoxA
SendMessageA
SetWindowLongA
SetMenu
GetMenu
GetClassLongA
GetWindowRect
ClipCursor
GetKeyState

gdi32

GetDeviceCaps
TextOutA
ExtTextOutA
ScaleWindowExtEx
RectVisible
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetStockObject
SetBkColor
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
Escape
SetTextColor
GetClipBox
CreateBitmap
PtVisible
DeleteDC
DeleteObject
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA

advapi32

RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegEnumKeyA

shlwapi

PathFindExtensionA
PathFindFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5164eaa12122e93624c78c6abdc0a9a

Headers

File Characteristics

PDB Paths

Imports

d3d9

winmm

kernel32

user32

gdi32

advapi32

shlwapi

winspool.drv

oleaut32

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 112KB - Virtual size: 110KB

.data Size: 48KB - Virtual size: 69KB

.rsrc Size: 116KB - Virtual size: 113KB

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 112KB - Virtual size: 110KB

.data
Size: 48KB - Virtual size: 69KB

.rsrc
Size: 116KB - Virtual size: 113KB