I:\VS70Builds\3077\vsbuilt\retail\Bin\i386\opt\vdt70g.pdb
Sample
b9ab713bd6eecb4c68b4ad696cefe33e8d8a33d0f404f21e0266b5b9411475f5.dll
Resource
win7-20240903-en
General
Target
b9ab713bd6eecb4c68b4ad696cefe33e8d8a33d0f404f21e0266b5b9411475f5
Size
1.0MB
MD5
c95b3bde8f371bf70c7dd1a901ad7deb
SHA1
aaecc8bec6f7b5e696d23fdb85e3bf2f7dbe45df
SHA256
b9ab713bd6eecb4c68b4ad696cefe33e8d8a33d0f404f21e0266b5b9411475f5
SHA512
6ef48a6605c07265ac2b2070afaa8abccb3e597cea02d0b54a4d6a5aa28dcb93f86e1df42dabed2815186e873a15d52692c9a20232674a8cc286ad5b179cf915
SSDEEP
24576:vEun9gaWTCW8l04r6kLiCs8LPYZpJkSXTAqfA:vEun97jl0sVLZLPcJkSXT6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
Processes:
resource b9ab713bd6eecb4c68b4ad696cefe33e8d8a33d0f404f21e0266b5b9411475f5
Files
b9ab713bd6eecb4c68b4ad696cefe33e8d8a33d0f404f21e0266b5b9411475f5.dll windows:4 windows x86 arch:x86
937b744d02119dc2d05858cdef42b478
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
OutputDebugStringA
RtlUnwind
ExitProcess
RaiseException
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
SetUnhandledExceptionFilter
GetCPInfo
InitializeCriticalSection
InterlockedExchange
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
VirtualAlloc
WaitForSingleObject
CompareStringW
CompareStringA
ConvertDefaultLocale
IsBadCodePtr
IsValidCodePage
GetOEMCP
LoadResource
LockResource
SetLastError
VirtualFree
ReleaseMutex
CreateMutexA
GetVersionExW
IsValidLocale
GetUserDefaultLCID
GetSystemTime
GetTickCount
_lclose
IsDBCSLeadByte
WideCharToMultiByte
GetACP
LCMapStringW
LCMapStringA
HeapSize
HeapFree
HeapReAlloc
HeapDestroy
HeapCreate
HeapAlloc
GlobalReAlloc
GlobalHandle
GetSystemDefaultLCID
CloseHandle
RemoveDirectoryW
RemoveDirectoryA
GetTimeFormatW
GetTimeFormatA
GetEnvironmentVariableW
GetEnvironmentVariableA
GetDateFormatW
GetDateFormatA
GetComputerNameW
GetComputerNameA
FormatMessageW
FormatMessageA
LocalAlloc
LocalFree
CreateProcessW
CreateProcessA
CreateEventW
CreateEventA
CopyFileW
CopyFileA
GetSystemDirectoryW
GetSystemDirectoryA
WriteProfileStringW
WriteProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
SetFileAttributesW
SetFileAttributesA
SetCurrentDirectoryW
SetCurrentDirectoryA
MultiByteToWideChar
SearchPathW
SearchPathA
MoveFileW
MoveFileA
lstrcmpW
lstrcmpA
lstrcmpiW
lstrcmpiA
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
GlobalGetAtomNameW
GlobalGetAtomNameA
GlobalAddAtomW
GlobalAddAtomA
GetWindowsDirectoryW
GetWindowsDirectoryA
GetVolumeInformationW
GetCurrentProcessId
GetVolumeInformationA
GetTempPathW
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetShortPathNameW
GetShortPathNameA
GetProfileStringW
GetProfileStringA
GetProfileIntW
GetProfileIntA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetFullPathNameW
GetFullPathNameA
GetFileAttributesW
GetFileAttributesA
GetDriveTypeW
GetDriveTypeA
GetCurrentDirectoryW
GetCurrentDirectoryA
FindResourceW
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
DeleteFileW
DeleteFileA
CreateFileW
CreateFileA
CreateDirectoryW
CreateDirectoryA
AddAtomW
AddAtomA
GetLocaleInfoA
lstrcpyA
GetLastError
lstrlenA
GlobalAlloc
GlobalSize
GetSystemDefaultLangID
SetErrorMode
GetProcAddress
IsBadReadPtr
FreeLibrary
GetVersionExA
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
Sleep
GetUserDefaultLangID
GetCurrentThreadId
GetCommandLineA
user32
SetRectEmpty
ShowCursor
WindowFromPoint
SetCursor
CharUpperA
IsWindowUnicode
ScrollDC
EmptyClipboard
CloseClipboard
OpenClipboard
GetSysColorBrush
SubtractRect
GetMessageTime
InvertRect
LoadKeyboardLayoutW
LoadKeyboardLayoutA
GetKeyboardLayoutList
ActivateKeyboardLayout
HideCaret
DestroyCaret
CreateCaret
SetCaretPos
ShowCaret
GetKeyboardLayout
CopyRect
MessageBeep
MessageBoxW
FillRect
SetRect
GetSysColor
DrawFocusRect
SetFocus
IsIconic
GetSystemMetrics
SendDlgItemMessageW
GetDlgItem
UnregisterClassW
UnregisterClassA
LoadImageW
LoadImageA
GetTabbedTextExtentW
GetTabbedTextExtentA
GetPropW
GetPropA
SetPropW
SetPropA
LoadStringW
LoadStringA
DdeQueryStringW
DdeQueryStringA
DdeCreateStringHandleW
DdeCreateStringHandleA
wsprintfW
wvsprintfW
wvsprintfA
WinHelpW
WinHelpA
VkKeyScanW
VkKeyScanA
SystemParametersInfoW
SystemParametersInfoA
SetWindowTextW
SetWindowTextA
SetWindowLongW
SetWindowLongA
SetDlgItemTextW
SetDlgItemTextA
SetClassLongW
SetClassLongA
SendMessageW
SendMessageA
RemovePropW
RemovePropA
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassW
RegisterClassExW
RegisterClassExA
ModifyMenuW
ModifyMenuA
LoadMenuW
LoadMenuA
LoadIconW
LoadIconA
LoadCursorFromFileW
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsCharUpperW
IsCharUpperA
IsCharAlphaNumericW
IsCharAlphaNumericA
IsCharAlphaW
IsCharAlphaA
InsertMenuW
InsertMenuA
GrayStringW
GrayStringA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetWindowLongA
GetMenuStringW
GetMenuStringA
GetDlgItemTextW
GetDlgItemTextA
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClassNameW
GetClassNameA
GetClassLongW
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoW
GetClassInfoA
FindWindowW
FindWindowA
DrawTextW
DrawTextA
DlgDirListW
DlgDirListA
DialogBoxParamW
DialogBoxParamA
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharLowerW
CharLowerBuffW
CharLowerBuffA
ChangeMenuW
ChangeMenuA
AppendMenuW
AppendMenuA
SetParent
ShowScrollBar
IsWindowVisible
SetWindowPos
InflateRect
MoveWindow
CallWindowProcA
CallWindowProcW
GetAsyncKeyState
SetTimer
PeekMessageA
PeekMessageW
KillTimer
ScreenToClient
IsChild
DefWindowProcA
DefWindowProcW
ClientToScreen
ShowWindow
ScrollWindow
MapWindowPoints
GetWindowThreadProcessId
GetForegroundWindow
IsWindow
GetFocus
GetActiveWindow
GetKeyState
GetCapture
RedrawWindow
InvalidateRect
DestroyWindow
GetParent
UpdateWindow
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetDC
ReleaseDC
GetClientRect
PostMessageA
PostMessageW
ExcludeUpdateRgn
EqualRect
IntersectRect
PtInRect
DestroyIcon
LoadCursorFromFileA
GetWindowRect
IsRectEmpty
ScrollWindowEx
OffsetRect
GetWindow
SetScrollRange
SetScrollPos
GetUpdateRgn
GetScrollRange
GetUpdateRect
ValidateRect
GetCursorPos
advapi32
RegCreateKeyExA
GetUserNameW
GetUserNameA
GetFileSecurityW
GetFileSecurityA
RegCreateKeyExW
RegCreateKeyA
RegCreateKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyA
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryValueA
RegQueryValueW
RegSetValueExA
RegSetValueExW
RegSetValueA
RegSetValueW
SetFileSecurityA
SetFileSecurityW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegCloseKey
RegEnumValueA
RegEnumValueW
gdi32
GetDeviceCaps
SetBkColor
DeleteObject
BitBlt
CreatePatternBrush
CreateBitmap
SetTextColor
SetBkMode
GetPaletteEntries
GetNearestPaletteIndex
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateICW
CreateDCW
RestoreDC
SaveDC
SetMapMode
Escape
ExtEscape
GdiComment
GetObjectType
DeleteDC
EnumFontFamiliesExA
PatBlt
SetBrushOrgEx
RealizePalette
SelectPalette
InvertRgn
RectVisible
CombineRgn
GetClipBox
LineTo
MoveToEx
StretchBlt
Polygon
GetStockObject
CreatePolygonRgn
PtInRegion
RectInRegion
AddFontResourceA
AddFontResourceW
CopyEnhMetaFileA
CopyEnhMetaFileW
CopyMetaFileA
CopyMetaFileW
CreateDCA
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontIndirectA
CreateFontIndirectW
CreateFontA
CreateFontW
CreateICA
CreateMetaFileA
CreateMetaFileW
EnumFontFamiliesA
EnumFontFamiliesW
EnumFontsA
EnumFontsW
GetEnhMetaFileA
GetEnhMetaFileW
GetEnhMetaFileDescriptionW
GetObjectA
GetObjectW
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
StartDocA
StartDocW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetTextExtentPointA
GetTextExtentPointW
GetCharWidthW
GetCharWidthA
GetCharWidth32W
ExtTextOutA
GetMetaFileA
GetMetaFileW
RemoveFontResourceA
RemoveFontResourceW
DPtoLP
LPtoDP
SetMapperFlags
UnrealizeObject
GetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetWindowOrgEx
SetRectRgn
CreateRectRgn
CreateSolidBrush
CreateCompatibleBitmap
CreatePen
Rectangle
SetStretchBltMode
Ellipse
CreatePalette
StretchDIBits
CreateDIBitmap
OffsetViewportOrgEx
GetBkMode
SetTextAlign
GetTextAlign
GetTextExtentPoint32W
GetTextColor
OffsetRgn
PaintRgn
FillRgn
SetROP2
GetROP2
GetNearestColor
GetBkColor
CreateHalftonePalette
GetSystemPaletteEntries
GetSystemPaletteUse
SetDIBits
GetTextCharsetInfo
GetTextCharset
GetCurrentObject
GetTextExtentPoint32A
ExtTextOutW
SetViewportOrgEx
GetFontData
ole32
OleInitialize
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgCreateDocfile
CoTaskMemAlloc
CreateBindCtx
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
OleSetClipboard
OleGetClipboard
OleFlushClipboard
oleaut32
SysStringLen
SysFreeString
VariantInit
VariantChangeTypeEx
VariantClear
Exports
??0ICX@@QAE@ABV0@@Z
??0ICX@@QAE@XZ
??1ICX@@UAE@XZ
??4ICX@@QAEAAV0@ABV0@@Z
??_7ICX@@6B@
?InitPioneerUtilities@@YAXXZ
?g_PioneerFunctions@@3UPIONEERPTRS@@A
AddDCC
DelIfmRef
GridInitialize
GridPaint
HwndCreate
HwndGridCreate
IfmOfLpfmind
PfmOfIfm
RemoveDCC
_DllMain@12
g_hInstGridDLL
Sections
.text Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 196KB - Virtual size: 215KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bootdat Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE