c24ab6759df445aec1ce6a3ae0153d9bfad971affaee09cd9ff8c5037eca61d4

Sharing

Copy URL Twitter E-mail

General

Target

c24ab6759df445aec1ce6a3ae0153d9bfad971affaee09cd9ff8c5037eca61d4
Size

5.3MB
MD5

afef5b4618703d1a21740a168b880260
SHA1

cf13607affffdd75a15d149718bf22e1ef0f5ca1
SHA256

c24ab6759df445aec1ce6a3ae0153d9bfad971affaee09cd9ff8c5037eca61d4
SHA512

ab5105c3442a12cdfea4f95d23a56b95f9c3955211404ca84c7dac842c6f74a0a20b9ca8a016c4f13e5c77b749a0e12d3239d849149f6da4bc87c57c700b8612
SSDEEP

49152:X6X/qVZxcflJNwV9O9HouaHDOTPVjrN2D2r8YC83movWj7ztOA804nC8/vvSZDMb:qX/i/VoINUPDIOA8047kf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c24ab6759df445aec1ce6a3ae0153d9bfad971affaee09cd9ff8c5037eca61d4

Files

c24ab6759df445aec1ce6a3ae0153d9bfad971affaee09cd9ff8c5037eca61d4
.exe windows:5 windows x86 arch:x86

b3b80d6cb54a15f21cb3714cd5d50f9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\svn2\kk_cloud_speed\trunk\code\cpp_code\CloudProxy\Release\CloudProxy.pdb

Imports

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipLoadImageFromStream
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDrawPath
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipDrawRectangleI
GdipSetPenMode
GdipDrawLineI
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdiplusShutdown

user32

CharPrevW
DestroyCursor
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
GetDoubleClickTime
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
CopyIcon
SetCursorPos
EmptyClipboard
SetClipboardData
CloseClipboard
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
MessageBeep
GetIconInfo
DrawIconEx
TrackMouseEvent
UnionRect
IsRectEmpty
SendDlgItemMessageA
CopyImage
GetClipboardFormatNameW
GetClipboardFormatNameA
CharUpperW
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
IntersectRect
TranslateAcceleratorW
LoadAcceleratorsW
DestroyMenu
MapVirtualKeyW
GetKeyNameTextW
RealChildWindowFromPoint
GetAsyncKeyState
InflateRect
SetCursor
ReleaseCapture
SetRectEmpty
OffsetRect
SetRect
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
NotifyWinEvent
FindWindowW
SetParent
WindowFromPoint
GetCaretPos
CharNextW
ShowCaret
HideCaret
CreateCaret
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
GetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetActiveWindow
RegisterClassExW
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetMenuCheckMarkDimensions
GetFocus
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
DispatchMessageW
TranslateMessage
GetMessageW
CopyRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
LoadCursorW
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadBitmapW
InvertRect
FrameRect
FillRect
DrawFocusRect
GetSysColorBrush
DrawStateW
GrayStringW
DrawTextExW
DrawTextW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
DeleteMenu
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
LoadMenuW
DrawFrameControl
DrawEdge
GetWindowTextLengthW
GetWindowTextW
MapDialogRect
TabbedTextOutW
IsWindow
SendMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetCaretBlinkTime
wsprintfW
SetCaretPos
PostMessageW
GetCursorPos
LoadIconW
ShowWindow
GetMenuState
GetMenuStringW
IsMenu
PostQuitMessage
PeekMessageW
GetWindowRect
SetWindowPos
GetDesktopWindow
SystemParametersInfoW
SetForegroundWindow

ole32

OleLockRunning
OleCreateMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CLSIDFromProgID
CoInitializeEx
CoUninitialize
CoDisconnectObject
CLSIDFromString
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator

oleaut32

VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysFreeString
LoadTypeLi
VarBstrFromDate
VariantInit
SysAllocString

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
ImmSetCompositionWindow

kernel32

GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetStringTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
DosDateTimeToFileTime
GetFileType
GetACP
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SearchPathW
ResetEvent
GetTempPathW
GetUserDefaultLCID
GetTempFileNameW
GetWindowsDirectoryW
GetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
FindResourceExW
GetUserDefaultUILanguage
GetLocaleInfoW
EnumSystemLocalesW
lstrcmpiW
LCMapStringW
GetTimeZoneInformation
SetStdHandle
WriteConsoleW
GetStdHandle
VirtualAlloc
GetCommandLineW
GetCommandLineA
HeapQueryInformation
HeapValidate
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
InterlockedPushEntrySList
FindNextFileW
GetVersionExA
SetEnvironmentVariableA
MoveFileExW
CreateWaitableTimerA
GetSystemInfo
OpenEventA
QueryPerformanceFrequency
OutputDebugStringW
GetCPInfo
GetHandleInformation
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
CompareStringW
IsValidLocale
FindClose
GlobalFlags
VirtualProtect
GetProfileIntW
ResumeThread
SetThreadPriority
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
LocalReAlloc
GlobalHandle
GlobalReAlloc
LoadLibraryA
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
GetModuleHandleA
SetErrorMode
CopyFileW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
Sleep
CreateIoCompletionPort
GetSystemTimeAsFileTime
TlsGetValue
VerifyVersionInfoW
SleepEx
VerSetConditionMask
WaitForSingleObjectEx
WaitForMultipleObjectsEx
GetQueuedCompletionStatus
InterlockedCompareExchange
CreateWaitableTimerW
SetLastError
TlsSetValue
SetWaitableTimer
CreateSemaphoreA
GetVersionExW
ReleaseSemaphore
GetPrivateProfileIntA
InitializeCriticalSection
CreateDirectoryW
GetTickCount
GetPrivateProfileStringA
CreateProcessW
GetLocalTime
WritePrivateProfileStringA
MultiByteToWideChar
GetModuleFileNameA
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
ReleaseMutex
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetAtomNameW
SizeofResource
InterlockedExchange
HeapFree
EnterCriticalSection
GetCurrentProcess
WriteFile
OutputDebugStringA
InterlockedDecrement
GetModuleFileNameW
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CreateMutexW
WaitForSingleObject
CreateFileW
GetCurrentThreadId
HeapSize
PostQueuedCompletionStatus
CreateEventW
FormatMessageW
GetLastError
SetEvent
TerminateThread
TlsAlloc
LockResource
DeleteFileW
InterlockedExchangeAdd
HeapReAlloc
CloseHandle
RaiseException
LoadLibraryW
LoadResource
FindResourceW
HeapAlloc
QueueUserAPC
DecodePointer
GetProcAddress
LocalFree
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
GetProcessHeap
FreeLibrary
WideCharToMultiByte
InterlockedIncrement
TlsFree
FormatMessageA
CreateEventA
MoveFileW
SetUnhandledExceptionFilter
GetModuleHandleW
lstrcpyW
LocalAlloc

gdi32

BitBlt
GetDeviceCaps
CopyMetaFileW
DeleteDC
CreateBitmap
CombineRgn
CreateDCW
ExtTextOutW
GetObjectA
SetDIBColorTable
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetClipBox
ExcludeClipRect
DeleteObject
GetTextFaceW
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
TextOutW
GetObjectW
GetTextMetricsW
SetRectRgn
StretchBlt
SetPixelV
SetPixel
SetPaletteEntries
SelectObject
RoundRect
RealizePalette
Rectangle
RectVisible
PtVisible
PtInRegion
PatBlt
OffsetRgn
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectType
GetNearestPaletteIndex
GetCharABCWidthsW
GetBoundsRect
GetBkColor
FrameRgn
FillRgn
ExtFloodFill
CreateCompatibleBitmap
Escape
Ellipse
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePen
CreatePalette
CreateHatchBrush
CreateFontIndirectW
CreateEllipticRgn
CreateCompatibleDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

InitializeSecurityDescriptor
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegSetValueExW
SystemFunction036
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
SetSecurityDescriptorDacl
RegEnumKeyExW

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
SHBrowseForFolderW
SHAppBarMessage
Shell_NotifyIconW

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFindExtensionW
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW

uxtheme

CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData

dbghelp

MiniDumpWriteDump

ws2_32

WSASend
select
ntohl
WSASetLastError
WSAStringToAddressW
listen
connect
recvfrom
send
sendto
WSARecv
getsockopt
ioctlsocket
setsockopt
bind
shutdown
closesocket
gethostbyname
freeaddrinfo
getsockname
getaddrinfo
WSAIoctl
accept
__WSAFDIsSet
recv
getpeername
inet_addr
WSASocketW
socket
inet_ntoa
gethostname
htonl
htons
WSAGetLastError
ntohs
WSACleanup
WSAStartup

mswsock

GetAcceptExSockaddrs
AcceptEx

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

winmm

PlaySoundW

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 674KB - Virtual size: 674KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 575KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

��27�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3b80d6cb54a15f21cb3714cd5d50f9c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

user32

ole32

oleaut32

imm32

kernel32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

dbghelp

ws2_32

mswsock

oleacc

winmm

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 674KB - Virtual size: 674KB

.data Size: 36KB - Virtual size: 74KB

.gfids Size: 108KB - Virtual size: 107KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 575KB - Virtual size: 575KB

.reloc Size: 209KB - Virtual size: 208KB

��27�u� Size: 16KB - Virtual size: 20KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 674KB - Virtual size: 674KB

.data
Size: 36KB - Virtual size: 74KB

.gfids
Size: 108KB - Virtual size: 107KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 575KB - Virtual size: 575KB

.reloc
Size: 209KB - Virtual size: 208KB

��27�u�
Size: 16KB - Virtual size: 20KB