a259ca7a7c7e2f231e284edbd92948d24db00b2b52d52f82e71e38ca72bb1e0eN

Sharing

Copy URL Twitter E-mail

General

Target

a259ca7a7c7e2f231e284edbd92948d24db00b2b52d52f82e71e38ca72bb1e0eN
Size

963KB
MD5

6ef7480c8ec5700c4f9f5c913c917210
SHA1

7274d26e07fccd3b0a66abb5cf167bf9fd7ab934
SHA256

a259ca7a7c7e2f231e284edbd92948d24db00b2b52d52f82e71e38ca72bb1e0e
SHA512

3d75ef143a4750c04105ffa8b9191953b8c5466bf5cf23e8ac69f3bc0cec81af3def1f07c29f20103394ab10e436c0ce531b2a52fc2d639868cba0b1eb7751f6
SSDEEP

12288:VwgSGqx21YTU2GD0NXKA+QQ+71+Romv3Z0pipBRC8RHT/MFi7dEQdkpXvlz:in0uKU3+QVB+Romv3Z0MXCuT6JrVlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a259ca7a7c7e2f231e284edbd92948d24db00b2b52d52f82e71e38ca72bb1e0eN

Files

a259ca7a7c7e2f231e284edbd92948d24db00b2b52d52f82e71e38ca72bb1e0eN
.exe windows:5 windows x64 arch:x64

ed4f55c0110125a07e15231f827221e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\New_Work\Refined_15-1-12-2015\Startup Manager\x64\Release\Startup Manager.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW

kernel32

GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
EnumResourceTypesW
EnumResourceNamesW
LocalSize
OpenProcess
LoadLibraryExW
LoadLibraryExA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
HeapQueryInformation
CreateThread
ExitProcess
Sleep
HeapReAlloc
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
GetTickCount
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
GetModuleHandleA
GetCurrentProcessId
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetProcessHeap
GetLocaleInfoW
CompareStringA
WideCharToMultiByte
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
GetLastError
SetLastError
lstrcmpW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
GetVersionExA
GetThreadLocale
MulDiv
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
CreateFileW
lstrlenW
GetFileAttributesW
GetConsoleMode

user32

UnregisterClassW
CharUpperW
DestroyIcon
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
LoadCursorW
GetSysColorBrush
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SystemParametersInfoW
DestroyMenu
InflateRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
LoadMenuW
MapDialogRect
PostQuitMessage
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
RegisterClipboardFormatW
DispatchMessageW
SetTimer
KillTimer
PostThreadMessageW
SetWindowContextHelpId
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
IsWindowVisible
UpdateWindow
LookupIconIdFromDirectoryEx
LoadImageW
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetIconInfo
GetDoubleClickTime
DrawFocusRect
SetClassLongPtrW
SetWindowRgn
DrawStateW
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetScrollInfo
SetScrollInfo
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
IsWindow
GetDlgItem
GetWindowLongW
GetParent
OffsetRect
PtInRect
CopyRect
GetDlgCtrlID
GetWindow
CharNextW
GetCursorPos
ReleaseDC
GetDC
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
DrawIconEx
SendMessageTimeoutW
DrawFrameControl
DrawEdge
RegisterClassA
DefMDIChildProcW
InsertMenuW
CreatePopupMenu
AppendMenuW
GetSystemMenu
SendMessageW
LoadIconW
RegisterWindowMessageW
EnableWindow
SetWindowLongPtrA
GetWindowLongPtrA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA

gdi32

CreateSolidBrush
GetRgnBox
CombineRgn
GetMapMode
StretchDIBits
CreatePen
GetPixel
GetWindowExtEx
GetObjectType
PtVisible
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
GetTextColor
CreateCompatibleBitmap
GetClipBox
GetDIBits
Polygon
CreateDIBitmap
CreatePalette
SetBrushOrgEx
CreateDIBSection
StretchBlt
GetTextCharsetInfo
OffsetRgn
GetViewportExtEx
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateBitmap
SetBkColor
SetTextColor
GetDeviceCaps
GetStockObject
GetObjectW
GetBkColor
RectVisible

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumValueW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_GetBkColor
FlatSB_GetScrollProp
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathFileExistsW
PathStripToRootW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysFreeString
SysAllocStringLen
OleCreateFontIndirect
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

urlmon

CoInternetSetFeatureEnabled

wintrust

WinVerifyTrust

imagehlp

ImageDirectoryEntryToData

Sections

.text
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed4f55c0110125a07e15231f827221e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

wintrust

imagehlp

Sections

.text Size: 578KB - Virtual size: 577KB

.rdata Size: 217KB - Virtual size: 217KB

.data Size: 20KB - Virtual size: 47KB

.pdata Size: 39KB - Virtual size: 39KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 578KB - Virtual size: 577KB

.rdata
Size: 217KB - Virtual size: 217KB

.data
Size: 20KB - Virtual size: 47KB

.pdata
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 21KB - Virtual size: 20KB