d66d686dbd72cabcaec0b1590035a24b760e737d8b3d6c307afbbc89b57dbeaf

Sharing

Copy URL Twitter E-mail

General

Target

d66d686dbd72cabcaec0b1590035a24b760e737d8b3d6c307afbbc89b57dbeaf
Size

5.3MB
MD5

b876c59a8a524be6bb14c09b6c5d2d75
SHA1

52174114e8982a1f90de7dd33061efb52c73754c
SHA256

d66d686dbd72cabcaec0b1590035a24b760e737d8b3d6c307afbbc89b57dbeaf
SHA512

00469bbfa516f672a8fe46466a2582c64d8f3b34da0982c1a2cd4daca8d78c7703648c4f7ea033f9c23018ef71e137262c880e01cfb1f15a51983152757bcebe
SSDEEP

98304:DJwYEpiC2QztkIBZycORMJ9ShdjfkeJ1djx3jbuTNhTqUq+fGUerxldoXpDGW5EJ:dwYgTtFX9ShdzJjx3jbuTNhTqUq+fGUg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d66d686dbd72cabcaec0b1590035a24b760e737d8b3d6c307afbbc89b57dbeaf

Files

d66d686dbd72cabcaec0b1590035a24b760e737d8b3d6c307afbbc89b57dbeaf
.exe windows:6 windows x86 arch:x86

59695b3249147138e96122326c70050b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\vc\bmqm\Release\bmqm.pdb

Imports

kernel32

WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
GetDateFormatW
GetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedPushEntrySList
RtlUnwind
GetThreadTimes
QueryPerformanceFrequency
OutputDebugStringW
GetTimeFormatW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindResourceExW
GetTempPathW
SearchPathW
VerifyVersionInfoW
VerSetConditionMask
SetErrorMode
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetCurrentDirectoryW
GlobalGetAtomNameW
CreateMutexW
ReleaseMutex
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
InitializeCriticalSectionAndSpinCount
CompareStringA
GetCurrentThread
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
lstrcmpA
GetProfileIntW
GetCurrentProcessId
SystemTimeToFileTime
FileTimeToSystemTime
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FreeResource
LoadLibraryA
GetProcAddress
GetModuleHandleA
OutputDebugStringA
SetLastError
CopyFileW
LocalFree
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FormatMessageW
GetLastError
GetACP
CreateDirectoryW
GetLocalTime
GlobalFree
SizeofResource
GlobalAlloc
Sleep
CloseHandle
TerminateThread
WaitForSingleObject
WinExec
GetModuleFileNameW
GetModuleHandleW
GetTickCount
MulDiv
GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc
WideCharToMultiByte
GetVersionExW
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
LCMapStringW

user32

RegisterClipboardFormatW
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
LoadMenuW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
CharUpperW
GetMenu
SetFocus
GetDlgCtrlID
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
SendMessageW
DrawFrameControl
IsRectEmpty
InvalidateRect
GetSystemMetrics
GetClassInfoExW
TranslateMDISysAccel
CallWindowProcW
GetMessageTime
PeekMessageW
RegisterWindowMessageW
GetDesktopWindow
ShowOwnedPopups
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
EndPaint
BeginPaint
CopyImage
DrawIcon
SetWindowRgn
SetParent
BringWindowToTop
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
DestroyIcon
UnpackDDElParam
ReuseDDElParam
PostQuitMessage
GetWindowDC
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
IsZoomed
MessageBeep
SetWindowContextHelpId
MapDialogRect
MonitorFromPoint
LoadAcceleratorsW
DestroyMenu
DrawStateW
SetMenu
GetMessageW
OffsetRect
PtInRect
EnableWindow
TranslateMessage
DispatchMessageW
GetParent
GetKeyState
IsWindow
PostMessageW
GetSysColor
GetMessagePos
ScreenToClient
SetCursor
LoadCursorW
SetCursorPos
GetAsyncKeyState
GetUpdateRect
CopyIcon
SubtractRect
SystemParametersInfoW
GetDC
ReleaseDC
FillRect
FrameRect
DrawEdge
InflateRect
DrawTextW
SetRect
GetClassInfoW
DefWindowProcW
GetWindowRect
IntersectRect
KillTimer
GetCursorPos
GetClientRect
IsClipboardFormatAvailable
GetFocus
InvertRect
SetCapture
ClipCursor
SetTimer
GetCapture
ReleaseCapture
TabbedTextOutW
DrawTextExW
GrayStringW
GetDoubleClickTime
IsWindowVisible
CopyRect
ClientToScreen
WindowFromPoint
UpdateWindow
SetProcessDPIAware
SetRectEmpty
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
LoadIconW
LoadImageW
RedrawWindow
UnregisterClassW
MessageBoxW
GetMenuStringW
GetMenuState
GetSubMenu
LockWindowUpdate
UnionRect
GetSysColorBrush
SetClassLongW
GetWindowLongW
SendDlgItemMessageA
DestroyAcceleratorTable
NotifyWinEvent
TrackMouseEvent
GetSystemMenu
DeleteMenu
GetMenuItemInfoW
GetIconInfo
UpdateLayeredWindow
EnableScrollBar
ModifyMenuW
CharUpperBuffW
DrawFocusRect
DrawIconEx
CharNextW
RealChildWindowFromPoint
PostThreadMessageW
SetLayeredWindowAttributes
EnumDisplayMonitors
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
CopyAcceleratorTableW
EnumChildWindows
InvalidateRgn
GetNextDlgGroupItem
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
GetWindowRgn
CreateMenu
MapVirtualKeyExW
IsCharLowerW
GetComboBoxInfo
DestroyCursor
RegisterClassW

gdi32

CreateHatchBrush
CreatePatternBrush
CreateRectRgn
DeleteObject
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ExtTextOutW
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
CreateBitmap
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
CreateRoundRectRgn
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
RoundRect
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
CreatePalette
GetPaletteEntries
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceW
SetPixelV
TextOutW
RectVisible
PtVisible
CreateFontW
GetObjectW
CreatePen
BitBlt
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
GetCurrentObject
CreateDCW
CopyMetaFileW
CreateSolidBrush
PatBlt
GetTextMetricsW
Escape
GetTextExtentPoint32W
CreateFontIndirectW
OffsetWindowOrgEx
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyExW
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegSetValueExA
RegCreateKeyW
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

ExtractIconW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAddToRecentDocs
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_ReplaceIcon

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathIsDirectoryW
PathFileExistsW
StrFormatKBSizeW

uxtheme

GetThemePartSize
GetWindowTheme
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent

ole32

OleLockRunning
StringFromCLSID
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
OleDraw
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator

oleaut32

VarBstrCat
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocString
VariantClear
VarDateFromStr
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetElement
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
VariantChangeType
SafeArrayGetDim

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59695b3249147138e96122326c70050b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 489KB - Virtual size: 489KB

.data Size: 32KB - Virtual size: 55KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 184KB - Virtual size: 184KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 489KB - Virtual size: 489KB

.data
Size: 32KB - Virtual size: 55KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 184KB - Virtual size: 184KB