Static task: static1
Behavioral task: behavioral1
Sample: UmpToolV6A.exe
Resource: win11-20240802-en
General
Target: UmpToolV6A.exe
Size: 1.2MB
MD5: 1760a263945fcbb26c3414e93741528c
SHA1: d3183e19c037351a8c6e1c7d6f54eb6ecd967cce
SHA256: dd232e7dc0a3ba6f034f8cd9caf8ed43f67fa699a0b9f9cf3fa0367ebce3636a
SHA512: 379c7a1b2bc9fdeefe6c593c315c0aeaeb86849c9f46d6d28d70c45f6b886ae54a54fe21af4ebf90291caef9d0c4e8a45104fda262d6a1e3e2b10323e3372278
SSDEEP: 24576:hfGF3Oyp0TJxiFCYzglwyQGYKX8t+5Lbs19du+C7Wc3U0TdZjByt:wJkxKzglwyQGYKX+wUVcnTddByt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource UmpToolV6A.exe
Files
UmpToolV6A.exe.exe windows:5 windows x86 arch:x86
e7d77161c52bd4ae0f88727bb4a89f45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
CM_Get_Parent
CM_Query_And_Remove_SubTreeW
kernel32
CreateThread
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
InitializeCriticalSection
ExitThread
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
HeapFree
RtlUnwind
GetCurrentDirectoryA
SetErrorMode
GlobalFlags
InterlockedIncrement
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
LocalSize
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
DeleteCriticalSection
LeaveCriticalSection
GetVersionExA
GetVersion
lstrlenA
lstrlenW
GetCPInfo
MultiByteToWideChar
FreeResource
lstrcmpiA
SetLastError
GetLastError
GetProcAddress
LoadLibraryA
GetModuleHandleA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
CreateDirectoryA
GetModuleFileNameA
GetTickCount
ReleaseMutex
Sleep
SetThreadPriority
GetCurrentThread
CreateProcessA
DeleteFileA
GetDriveTypeA
CopyFileA
GetSystemDirectoryA
GetLogicalDrives
MoveFileA
FreeLibrary
SetFileAttributesA
GetPrivateProfileStringA
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileIntA
FindResourceA
GetFileSize
GetFileAttributesA
TerminateProcess
WaitForSingleObject
GlobalReAlloc
TlsGetValue
LocalAlloc
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalLock
GlobalUnlock
FormatMessageA
MulDiv
FindFirstFileA
FindNextFileA
FindClose
GetEnvironmentVariableA
GetFileAttributesExA
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
LocalFree
LCMapStringA
ExitProcess
GetOEMCP
CreateMutexA
GlobalAlloc
GlobalFree
QueryDosDeviceA
DeviceIoControl
user32
ReleaseCapture
LoadCursorA
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
EndDialog
CharUpperA
GetWindowThreadProcessId
GetMessageA
TranslateMessage
ValidateRect
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
GetCursorPos
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetScrollPos
GetScrollPos
IsWindowVisible
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
RegisterWindowMessageA
GetMenuItemInfoA
GetSysColor
SystemParametersInfoA
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
IsIconic
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
CheckMenuItem
SetWindowLongA
SetRectEmpty
PtInRect
IntersectRect
IsRectEmpty
UnregisterClassA
SetCapture
CharNextA
CopyAcceleratorTableA
InvalidateRgn
EndPaint
BeginPaint
GetWindowDC
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetTopWindow
DestroyIcon
DrawIconEx
DrawTextA
GetSystemMetrics
FillRect
GetSysColorBrush
SetRect
CopyRect
LoadBitmapA
DrawEdge
TabbedTextOutA
DrawTextExA
GrayStringA
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
CopyIcon
GetDoubleClickTime
SetClassLongA
SetWindowRgn
SendMessageTimeoutA
DrawFrameControl
RegisterClassW
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
ScreenToClient
DestroyMenu
GetMenuStringA
RedrawWindow
IsWindow
GetDlgCtrlID
WaitForInputIdle
EnumThreadWindows
LoadIconA
SetForegroundWindow
GetSystemMenu
KillTimer
GetForegroundWindow
UnregisterHotKey
RegisterHotKey
FindWindowA
SetTimer
PostQuitMessage
LoadMenuA
EnableMenuItem
UpdateWindow
PeekMessageA
ShowWindow
MessageBoxA
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageA
DrawFocusRect
DrawStateA
FrameRect
OffsetRect
InflateRect
LoadImageA
GetIconInfo
CreateIconIndirect
DefDlgProcA
DefFrameProcW
PostMessageA
SetCursor
DefFrameProcA
DefWindowProcW
IsMenu
DestroyCursor
EnableWindow
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
SetWindowLongW
GetWindowLongW
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcW
gdi32
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
GetClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
DPtoLP
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateRectRgnIndirect
CombineRgn
GetMapMode
GetCharWidthA
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
OffsetViewportOrgEx
CreateRectRgn
GetTextMetricsA
CreateFontA
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
GetTextExtentPoint32A
ExtTextOutA
TextOutA
SetPixel
GetPixel
PatBlt
Ellipse
RectVisible
PtVisible
GetBkMode
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
OffsetRgn
GetTextCharsetInfo
StretchBlt
SetBrushOrgEx
CreatePalette
CreateDIBitmap
Polygon
GetDIBits
CreatePen
CreateCompatibleDC
GetTextExtentPoint32W
DeleteDC
DeleteObject
CreateSolidBrush
BitBlt
CreateDIBSection
SelectObject
SetWindowExtEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
SetNamedSecurityInfoA
SetEntriesInAclA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegQueryInfoKeyA
shell32
ShellExecuteA
ShellExecuteExA
comctl32
ImageList_GetIconSize
_TrackMouseEvent
FlatSB_GetScrollProp
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_Destroy
shlwapi
PathFileExistsA
StrStrIA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
oledlg
ord8
ole32
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
CLSIDFromString
oleaut32
SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantTimeToSystemTime
SysStringByteLen
ws2_32
ntohl
imagehlp
ImageDirectoryEntryToData
Sections
.text Size: 1006KB - Virtual size: 1006KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 213KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ