Static task: static1
Behavioral task: behavioral1
Sample: ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3.dll
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3.dll
Resource: win10v2004-20241007-en
General
Target: ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3
Size: 5.3MB
MD5: cf16239bd96928b92e2e5cd5fb030d42
SHA1: 6c65f4d76a286df7bbc79344ce4e358cfa77a98b
SHA256: ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3
SHA512: 8b9dc83b711ccb7d9c29c924a2a2df1d5af95a66a3716fc385f23cd3b9c46b392a2e7b2605f55d203fac49bfc57430de2d0a3348979bc6db70724f8e39a0ef37
SSDEEP: 98304:6egPGXQIMf4VuvSlYwwMkHyilLiGWFf1/p3qFCNH4i/IbzhuKbw0X+H2JIrWXqFk:8reuv9qFcnenz4oVlxqgRmu3w
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3
Files
ff57f75e8d99b340443e17feaeccd75d7fa69f7034ae8018bb99cf2d9a232ac3.dll windows:6 windows x86 arch:x86
333db557fc70f5922dc2e4fbf556d65a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
G:\KK_Work\Git\Documents\windowssdk-udp\lib\x86\ReleaseLib\CloudClinkAPI.pdb
Imports
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdiplusStartup
GdiplusShutdown
GdipGetImageHeight
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageWidth
GdipDrawImageI
iphlpapi
GetExtendedTcpTable
GetAdaptersInfo
kernel32
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
TryEnterCriticalSection
LCMapStringW
GetStringTypeW
GetCPInfo
OpenEventA
GetLogicalProcessorInformation
CreateWaitableTimerA
FormatMessageA
OutputDebugStringW
CreateThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetVersionExA
SetEnvironmentVariableA
SearchPathW
GetProfileIntW
GetTempFileNameW
GetWindowsDirectoryW
WriteConsoleW
FindResourceExW
lstrcpyW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
CopyFileW
GlobalSize
SetErrorMode
LocalFree
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
MulDiv
GlobalFree
GlobalFindAtomW
LoadLibraryA
EncodePointer
OutputDebugStringA
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LockResource
LoadLibraryExW
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
FreeResource
GlobalUnlock
GlobalLock
FindResourceW
LoadResource
GetUserDefaultLCID
SizeofResource
MoveFileW
GetSystemInfo
GetModuleHandleA
GetSystemDirectoryW
CreateFileW
ReleaseMutex
CreateMutexA
GetTickCount
DeleteFileW
InitializeCriticalSection
GetPrivateProfileIntW
GetModuleFileNameA
CreateDirectoryW
Module32NextW
WideCharToMultiByte
FreeLibrary
GetModuleHandleW
GetProcAddress
Module32FirstW
LoadLibraryW
WritePrivateProfileStringA
GetNativeSystemInfo
Process32FirstW
CreateFileA
Process32NextW
CreateToolhelp32Snapshot
DeviceIoControl
GetCurrentProcess
GetModuleFileNameW
GetPrivateProfileStringA
CreateIoCompletionPort
QueryPerformanceCounter
CreateEventA
CreateSemaphoreA
TlsFree
GetSystemTimeAsFileTime
TlsGetValue
VerifyVersionInfoW
SleepEx
GetProcessHeap
GetCurrentProcessId
VerSetConditionMask
DeleteCriticalSection
DecodePointer
QueueUserAPC
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
QueryPerformanceFrequency
TlsAlloc
WaitForSingleObjectEx
TerminateThread
SetEvent
OpenMutexA
GetLastError
Sleep
MultiByteToWideChar
CreateEventW
PostQueuedCompletionStatus
HeapSize
OpenProcess
SignalObjectAndWait
SwitchToThread
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
VirtualFree
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
GlobalMemoryStatus
FlushConsoleInputBuffer
GetSystemTime
WaitForSingleObject
WaitForMultipleObjectsEx
InitializeCriticalSectionEx
GetTempPathW
GetQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
TerminateProcess
ReleaseSemaphore
CreateWaitableTimerW
EnterCriticalSection
ReadConsoleInputA
SetConsoleMode
SetLastError
HeapFree
TlsSetValue
SetWaitableTimer
GlobalAlloc
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetConsoleCtrlHandler
FreeEnvironmentStringsW
ExitProcess
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetDriveTypeW
PeekNamedPipe
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetACP
GetStdHandle
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
user32
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMetrics
DrawIcon
SetTimer
SetWindowLongW
GetClientRect
KillTimer
IsIconic
ReleaseDC
EnableWindow
wsprintfW
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
EnumDisplayMonitors
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
UnregisterClassW
SetClassLongW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
UnionRect
DrawStateW
SendMessageW
GetDC
GetWindowRect
PostMessageW
GetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
CreateMenu
GetActiveWindow
GetKeyState
GetWindowRgn
DestroyCursor
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
LoadImageW
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
OffsetRect
SetRectEmpty
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
CharUpperW
DestroyIcon
LoadCursorW
GetSysColorBrush
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoW
CopyImage
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
UnhookWindowsHookEx
IsClipboardFormatAvailable
advapi32
RegCreateKeyExW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
CreateServiceW
CloseServiceHandle
OpenSCManagerW
DeleteService
StartServiceW
OpenServiceW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegEnumValueW
RegEnumKeyExW
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
RegisterEventSourceA
ReportEventA
DeregisterEventSource
ole32
OleCreateMenuDescriptor
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoCreateGuid
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
shell32
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
ws2_32
shutdown
freeaddrinfo
WSARecv
listen
WSARecvFrom
WSASendTo
getsockopt
connect
getaddrinfo
WSAIoctl
accept
__WSAFDIsSet
bind
closesocket
WSASend
select
ntohl
WSASetLastError
WSAStringToAddressW
WSASocketW
WSAStartup
ntohs
getsockname
WSACleanup
inet_ntoa
htonl
htons
ioctlsocket
setsockopt
WSAGetLastError
inet_addr
getpeername
recv
recvfrom
send
sendto
socket
mswsock
AcceptEx
GetAcceptExSockaddrs
gdi32
DeleteObject
DeleteDC
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SetTextColor
GetObjectW
BitBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
crypt32
CertFreeCertificateContext
Exports
ClinkStart
ClinkStop
GetLocalIp
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 806KB - Virtual size: 806KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 202KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ