e7c9218c0ed32994c31b9e517c206d1070ad21c8132d756e5502b41b7b2f5824

Sharing

Copy URL

Twitter E-mail

General

Target

e7c9218c0ed32994c31b9e517c206d1070ad21c8132d756e5502b41b7b2f5824
Size

5.4MB
MD5

705513af640a5bcf82d99abd0bbb5871
SHA1

8c7cd5bb4e61be78479660c9e07b4e5ff2a2cffb
SHA256

e7c9218c0ed32994c31b9e517c206d1070ad21c8132d756e5502b41b7b2f5824
SHA512

10757acfc12192fcb7a9eea074a20f1848216082263e74bd7b3870c20588bdebda951aca969af20a32a5469de30962e2b081b916c60501b08a4e181175613301
SSDEEP

98304:f709VbhW24fQDBS2ckC1uaS+cVZnJwovpMNK:fwbb42bngYJwovpMN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7c9218c0ed32994c31b9e517c206d1070ad21c8132d756e5502b41b7b2f5824

Files

e7c9218c0ed32994c31b9e517c206d1070ad21c8132d756e5502b41b7b2f5824
.exe windows:5 windows x86 arch:x86

31cb5c8ca212657ce6186627f55f53e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\svn\Software\Projects\FIDO\Trunk\Output\Windows\Bin\FIDOManager_rls.pdb

Imports

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
LCMapStringA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
GetSystemInfo
VirtualAlloc
HeapSize
ExitThread
ExitProcess
HeapReAlloc
SetEnvironmentVariableA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetFileTime
SetErrorMode
lstrcpyW
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalGetAtomNameW
InterlockedIncrement
LocalReAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
GlobalFlags
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedDecrement
SetThreadPriority
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
CopyFileW
FormatMessageW
MulDiv
CreateEventW
CancelIo
GetOverlappedResult
lstrlenA
GlobalSize
GlobalMemoryStatus
ResetEvent
SetEvent
CreateEventA
TlsFree
TlsSetValue
TlsGetValue
SetLastError
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThread
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetFileSizeEx
GetFileAttributesW
CreateFileW
FindClose
CreateFileMappingA
OpenFileMappingA
LocalAlloc
LocalFree
GetHandleInformation
ReleaseMutex
OpenMutexA
CreateMutexA
WriteFile
ReadFile
UnmapViewOfFile
CreateFileA
GetFileSize
MapViewOfFile
SetFilePointer
SetEndOfFile
SwitchToThread
GetModuleFileNameA
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetCurrentProcess
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleA
GetProcAddress
InterlockedCompareExchange
InterlockedExchangeAdd
GetSystemTimeAsFileTime
WaitForSingleObject
ResumeThread
InterlockedExchange
FreeResource
VirtualQuery
GetModuleHandleW
GetModuleFileNameW
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetExitCodeThread
CloseHandle
TerminateThread
WideCharToMultiByte
GetCurrentThreadId
CreateThread
Sleep
GetVersionExW
CreateMutexW
GetLastError
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource

user32

GetMessageW
TranslateMessage
ValidateRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetCursor
GetKeyboardLayout
IsMenu
CheckDlgButton
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
IsRectEmpty
BringWindowToTop
LockWindowUpdate
PtInRect
SendMessageW
GetWindowRect
GetClientRect
GetDC
ReleaseDC
GetParent
RemoveMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetIconInfo
DrawIconEx
DestroyIcon
GetSysColor
IsWindowVisible
DrawFrameControl
GetSysColorBrush
RegisterWindowMessageW
SetWindowPos
GetWindowTextW
LoadImageW
KillTimer
SetWindowRgn
FillRect
InflateRect
DrawStateW
SetTimer
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawTextW
ShowScrollBar
ShowCaret
SetParent
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
ScreenToClient
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetMenuItemInfoW
DestroyMenu
GetKeyNameTextW
MapVirtualKeyW
WindowFromPoint
CharUpperW
GetWindowThreadProcessId
LoadCursorW
SystemParametersInfoW
MessageBoxW
IsWindow
GetSystemMetrics
LoadIconW
IsIconic
GetSystemMenu
PostMessageW
AppendMenuW
DrawIcon
GetFocus
GetWindowLongW
DeleteMenu
SetCapture
WaitMessage
SetRectEmpty
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
EnableWindow
AdjustWindowRectEx
ReleaseCapture
InvalidateRect
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
NotifyWinEvent
CreatePopupMenu
SetClassLongW
CallWindowProcW
CopyRect
GetWindow
GetComboBoxInfo
GetCursorPos
SetWindowLongW
EnumChildWindows
RegisterClipboardFormatW
CopyImage
CharNextW
SetRect
InvalidateRgn
GetNextDlgGroupItem
UnregisterClassW
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
DrawEdge
DrawFocusRect
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
DestroyCursor
GetWindowRgn
IsCharLowerW
GetDoubleClickTime
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
SendDlgItemMessageW
MapVirtualKeyExW
CreateMenu

gdi32

SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
OffsetRgn
GetRgnBox
EnumFontFamiliesW
GetTextCharsetInfo
GetTextColor
SetDIBColorTable
GetBkColor
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
GetDCOrgEx
CopyMetaFileW
GetDeviceCaps
CreateRectRgn
SetBkMode
RectVisible
SaveDC
GetClipBox
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
RestoreDC
RealizePalette
GetDIBits
CreateDIBSection
PatBlt
CreateFontIndirectW
StretchBlt
CreateCompatibleBitmap
EnumFontFamiliesExW
GetTextExtentPoint32W
GetObjectW
RoundRect
SetBrushOrgEx
CreateRoundRectRgn
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
DeleteObject
SetPixel
FillRgn
CombineRgn
CreateRectRgnIndirect
CreateFontW
CreateSolidBrush
CreatePen
CreateDIBitmap
GetStockObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
OpenProcessToken
GetUserNameA
SetSecurityInfo
GetSecurityDescriptorSacl
CreateWellKnownSid
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
OpenThreadToken
LookupPrivilegeValueW
PrivilegeCheck

shell32

DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
SHGetFileInfoW
DragFinish

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
StrCmpW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CoCreateInstance
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
CoUninitialize
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
CreateStreamOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop

oleaut32

VariantInit
SysStringLen
SysFreeString
VariantCopy
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
VariantClear
SysAllocStringLen

gdiplus

GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipCloneBrush
GdipDrawString
GdipFillPieI
GdipFillEllipseI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFont
GdipDeleteBrush
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily

winmm

PlaySoundW
timeKillEvent

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW

winscard

SCardEndTransaction
SCardReleaseContext
g_rgSCardT0Pci
SCardEstablishContext
SCardConnectA
SCardDisconnect
SCardTransmit
g_rgSCardT1Pci
SCardBeginTransaction
SCardListReadersA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailW

hid

HidD_GetFeature
HidD_SetFeature
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_SetNumInputBuffers
HidD_GetHidGuid

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31cb5c8ca212657ce6186627f55f53e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

winmm

version

winscard

setupapi

hid

imm32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 399KB - Virtual size: 399KB

.data Size: 39KB - Virtual size: 89KB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 180KB - Virtual size: 180KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 399KB - Virtual size: 399KB

.data
Size: 39KB - Virtual size: 89KB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 180KB - Virtual size: 180KB