b95159cf0ccce4694e32ff9487ede5f2fc6e171bd33d17e1e287733fff9b2507

Sharing

Copy URL

Twitter E-mail

General

Target

b95159cf0ccce4694e32ff9487ede5f2fc6e171bd33d17e1e287733fff9b2507
Size

1.4MB
MD5

5ccd85138c6aa027481216878b9afa0c
SHA1

d49b5ca467958ef4bbc56904e15ad019581c6b4c
SHA256

b95159cf0ccce4694e32ff9487ede5f2fc6e171bd33d17e1e287733fff9b2507
SHA512

7f7831848e5b1103a34b430904a50113d13ee09a1e15f5eb4b87d51804ebb5197960260f0ba0f0a0480a37098d8815c8068ad730e2920a58a24ddb08dfbd18dd
SSDEEP

24576:T6esojS/STi6eF5OM1rmG2FnaXb0nkTCgBMiHb5qod8rEH7B:zsoOKiVmG2FnaX9TCgBMiHb5qodF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b95159cf0ccce4694e32ff9487ede5f2fc6e171bd33d17e1e287733fff9b2507

Files

b95159cf0ccce4694e32ff9487ede5f2fc6e171bd33d17e1e287733fff9b2507
.dll windows:6 windows x86 arch:x86

367d24bd0b3b3bc56e2cbe9cd4c31df0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Workspace\hoffice-master\hpdfconv\Build\Release_90\HNCE2PTP.pdb

Imports

msimg32

TransparentBlt
GradientFill
AlphaBlend

kernel32

ReadConsoleW
GetConsoleCP
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionAndSpinCount
GetTempFileNameA
GetTempPathA
RaiseException
GetConsoleMode
LockResource
LoadResource
SizeofResource
FreeLibrary
GetProcAddress
FindResourceW
GetModuleHandleW
DeleteFileW
GetSystemDefaultUILanguage
GetLastError
WideCharToMultiByte
MultiByteToWideChar
WriteFile
ReadFile
CloseHandle
CreateFileW
GlobalAlloc
HeapFree
GetProcessHeap
HeapAlloc
GlobalFree
SetEnvironmentVariableW
SetStdHandle
SetEndOfFile
WriteConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
SetLastError
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapReAlloc
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation

user32

GetWindowLongW
SendMessageW
MessageBoxW
GetActiveWindow
LoadStringW
FillRect
DispatchMessageW
TranslateMessage
SetWindowLongW
PeekMessageW
SetRect
ReleaseDC
GetDC
MessageBoxA

gdi32

EnumEnhMetaFile
GetEnhMetaFileHeader
CreatePen
DPtoLP
GetRegionData
GetMiterLimit
GetObjectType
GetMapMode
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
PlayEnhMetaFile
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetTextAlign
GetBkMode
GetCharABCWidthsW
GetOutlineTextMetricsA
GetGlyphIndicesW
GetFontUnicodeRanges
GetTextMetricsW
GetROP2
GetPolyFillMode
OffsetRgn
CreatePolygonRgn
GetCurrentObject
GetPath
GetArcDirection
GetCurrentPositionEx
CombineTransform
GetFontData
CombineRgn
CreateDIBSection
GetDIBits
GetTextColor
GetBkColor
GetDeviceCaps
CreateDIBitmap
GetObjectW
SetLayout
PaintRgn
InvertRgn
FrameRgn
FillRgn
PolyTextOutW
SetGraphicsMode
SetWorldTransform
GdiComment
SetMapMode
SetBkMode
SetBkColor
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SaveDC
RestoreDC
IntersectClipRect
SelectObject
GetStockObject
DeleteObject
SetWindowOrgEx
SetWindowExtEx
ExtTextOutW
ExtTextOutA
SetViewportOrgEx
SetViewportExtEx
CreatePenIndirect
ExtCreatePen
CreateBrushIndirect
CreateFontIndirectW
MoveToEx
LineTo
Rectangle
Ellipse
Polygon
Polyline
PolylineTo
PolyBezier
PolyBezierTo
PolyPolygon
PolyPolyline
StretchDIBits
CreatePalette
SelectPalette
RealizePalette
CreateRectRgn
GetClipRgn
ExtSelectClipRgn
ExtCreateRegion
SetMetaRgn
ModifyWorldTransform
SetBrushOrgEx
SetPixelV
SetMapperFlags
SetColorAdjustment
OffsetClipRgn
ExcludeClipRect
ScaleViewportExtEx
ScaleWindowExtEx
AngleArc
RoundRect
Arc
Chord
Pie
ArcTo
PolyDraw
SetArcDirection
SetMiterLimit
BeginPath
EndPath
CloseFigure
FillPath
StrokeAndFillPath
StrokePath
FlattenPath
WidenPath
SelectClipPath
AbortPath
CreateColorSpaceA
SetColorSpace
DeleteColorSpace
SetICMMode
ChoosePixelFormat
SetPixelFormat
SetPaletteEntries
ResizePalette
CreateDIBPatternBrushPt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
PatBlt
PolyTextOutA
DeleteDC
StretchBlt
CreateBitmap
SetDIBits
MaskBlt
PlgBlt
SetDIBitsToDevice
GetWorldTransform
BitBlt

advapi32

RegCreateKeyExW
RegCloseKey
RegQueryValueExW

ole32

StringFromGUID2
CoCreateGuid

Exports

Exports

??0CEMF2PDFTranscoder@@QAE@PAUHWND__@@@Z
??1CEMF2PDFTranscoder@@QAE@XZ
??4CEMF2PDFTranscoder@@QAEAAV0@ABV0@@Z
?BeginDocument@CEMF2PDFTranscoder@@QAEHPBU_tagDOCUMENT_INFO@@I@Z
?EndDocument@CEMF2PDFTranscoder@@QAEHXZ
?TranscodePage@CEMF2PDFTranscoder@@QAEHPAUHENHMETAFILE__@@HH@Z
?_SetEmfPageContext@CEMF2PDFTranscoder@@AAEHPAUHDC__@@PAUHENHMETAFILE__@@AAU_tagEMFCONTEXT@@@Z

Sections

.text
Size: 977KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

367d24bd0b3b3bc56e2cbe9cd4c31df0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msimg32

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 977KB - Virtual size: 976KB

.rdata Size: 292KB - Virtual size: 292KB

.data Size: 19KB - Virtual size: 43KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 47KB - Virtual size: 47KB

.text
Size: 977KB - Virtual size: 976KB

.rdata
Size: 292KB - Virtual size: 292KB

.data
Size: 19KB - Virtual size: 43KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 47KB - Virtual size: 47KB