2243d73aae976626d9c078593759f8dae49dca2372003fc5ec653605dfdae9fdN

Sharing

Copy URL Twitter E-mail

General

Target

2243d73aae976626d9c078593759f8dae49dca2372003fc5ec653605dfdae9fdN
Size

1.9MB
MD5

85d963150b8602b3f19cc318c2a044e0
SHA1

8e2321f99b7bade6383cf3c272a7da980ca06ae3
SHA256

2243d73aae976626d9c078593759f8dae49dca2372003fc5ec653605dfdae9fd
SHA512

b51213c497592fafa7089d128a28b02bd8e126a02f4f7f442450310e125f96140107019863e2d75fb121a086718d9fe9043c5b1a0119fbd5aaa2b7c0b4d06d2c
SSDEEP

49152:3ZFZqbZdQqDBmFBXbuB2LUBDy84cbvgANP1OOfq3oqceGnLPsbkUq6:3ZqbZd5DwpbPLUBDy84cbvgANtq3oNe9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2243d73aae976626d9c078593759f8dae49dca2372003fc5ec653605dfdae9fdN

Files

2243d73aae976626d9c078593759f8dae49dca2372003fc5ec653605dfdae9fdN
.exe windows:5 windows

d29604d09426ae1c6d5cbb1999d6f8da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\oDesk\Network Owner\New folder\InstallerManager\Release\InstallerManager.pdb

Imports

kernel32

SetEnvironmentVariableA
WriteConsoleW
LCMapStringW
GetConsoleMode
GetConsoleCP
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
GetTimeZoneInformation
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
ExitThread
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
lstrlenA
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFindAtomW
CompareStringW
ReleaseActCtx
CreateActCtxW
RaiseException
CopyFileW
GlobalSize
MulDiv
GetCurrentProcessId
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalUnlock
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
ActivateActCtx
LoadLibraryW
DeactivateActCtx
SetLastError
GlobalLock
lstrcmpW
GetProcAddress
InterlockedExchange
FreeLibrary
FormatMessageW
GlobalFree
GlobalAlloc
InterlockedIncrement
InterlockedDecrement
GetExitCodeProcess
GetFileAttributesW
LocalFree
LocalAlloc
GetCurrentProcess
GetCurrentThread
GetTempPathW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
GetNativeSystemInfo
WideCharToMultiByte
GetVersionExW
CloseHandle
GetLastError
ReadFile
SetFilePointer
GetFileSize
CreateFileW
GetModuleFileNameW
GetModuleHandleW
WriteFile
Sleep
ExitProcess
CreateThread
FindResourceW
LoadResource
LockResource
MultiByteToWideChar
SizeofResource
DeleteFileW

user32

SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
RealChildWindowFromPoint
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
MapVirtualKeyW
GetKeyNameTextW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowTextLengthW
GetWindowTextW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyRect
UnhookWindowsHookEx
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
GetSysColorBrush
GetClassNameW
InvalidateRect
UpdateWindow
FillRect
DrawStateW
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
MessageBeep
DestroyIcon
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
SetClassLongW
LoadIconW
GetSystemMenu
AppendMenuW
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageW
KillTimer
SetTimer
EnableWindow
GetWindowRect
CharUpperW
SetWindowRgn
RedrawWindow
NotifyWinEvent
GetAsyncKeyState
IsZoomed
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
GetMenuDefaultItem
UnregisterClassW
TranslateAcceleratorW
BringWindowToTop
GetDesktopWindow
SetMenuDefaultItem
GetSubMenu
ClientToScreen
GetCursorPos
LoadMenuW
wsprintfW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
CharNextW
OffsetRect
CopyAcceleratorTableW
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
TabbedTextOutW
GetNextDlgGroupItem
SendMessageW
DrawIconEx
DrawEdge
DrawFrameControl
SetParent
DrawFocusRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatW
InvertRect
HideCaret
GetIconInfo
CopyImage
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
FrameRect
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
GetWindowRgn
UnpackDDElParam
ReuseDDElParam
LoadImageW
LoadAcceleratorsW
InsertMenuItemW

gdi32

SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
CreateDIBSection
Escape
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceW
SetPixelV
TextOutW
ExtTextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetStockObject
GetObjectW
CreateSolidBrush
DeleteObject
CreateDCW
GetDeviceCaps
CopyMetaFileW
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

SetSecurityDescriptorOwner
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
CheckTokenMembership
FreeSid
AccessCheck
IsValidSecurityDescriptor
RegOpenKeyExW
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
DuplicateToken
OpenProcessToken
OpenThreadToken

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathIsUNCW
PathStripToRootW
UrlUnescapeW
PathFindFileNameW
PathFindExtensionW
AssocQueryStringW
PathRemoveFileSpecW

ole32

RevokeDragDrop
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoCreateInstance
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoInitializeEx
CreateStreamOnHGlobal
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
CoCreateGuid

oleaut32

VarBstrFromDate
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
OleCreateFontIndirect
LoadRegTypeLi
DispCallFunc
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDrawImageI
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipFree
GdipGetImagePixelFormat
GdipDeleteGraphics

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

wininet

InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable
InternetSetOptionExW

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 22.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d29604d09426ae1c6d5cbb1999d6f8da

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

wininet

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 294KB - Virtual size: 293KB

.data Size: 26KB - Virtual size: 22.3MB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 226KB - Virtual size: 226KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 294KB - Virtual size: 293KB

.data
Size: 26KB - Virtual size: 22.3MB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 226KB - Virtual size: 226KB