3801b7fdf4d6d5961375c1814dd959c62cb5e37c641c455354ef0479a9d8f3ad

Sharing

Copy URL

Twitter E-mail

General

Target

3801b7fdf4d6d5961375c1814dd959c62cb5e37c641c455354ef0479a9d8f3ad
Size

2.2MB
MD5

9404e5829629d3b5cf6440ad4962dbf8
SHA1

7941583e9d9fa16b5fb9f4cb79728d9ed53524b4
SHA256

3801b7fdf4d6d5961375c1814dd959c62cb5e37c641c455354ef0479a9d8f3ad
SHA512

0adbe23b8eb4db735bbe8d8d5d0c34ed303d1a4cec1b6236618116a45b8f5addc4c5d7b29925254e5d46c2e4fe425a94ae7b85c1cedc42a656a482528e711eb3
SSDEEP

49152:M5UGp5EQXXeM2/FUMwT2NLku3hLzpGc1RDOGxd3hmC:8bp3OM2/FUMU2NLkwhLzpGQd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3801b7fdf4d6d5961375c1814dd959c62cb5e37c641c455354ef0479a9d8f3ad

Files

3801b7fdf4d6d5961375c1814dd959c62cb5e37c641c455354ef0479a9d8f3ad
.dll windows:6 windows x86 arch:x86

d45fc2dbe15a83401eb0ee9d182c6181

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\newcitest2\20230526\PKPM_V1.5.1.0_20230526_0016\Ci\SPP_OLD\pkpm_ribbon_spp\_runtime\Win32\Release\SPP\SDControlExhibit32.pdb

Imports

kernel32

ReadConsoleW
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetFullPathNameW
VirtualQuery
VirtualAlloc
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetCurrentDirectoryW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetDriveTypeW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameA
Sleep
GetProfileIntA
GetTickCount
SearchPathA
GetTempPathA
FindResourceExW
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
VerifyVersionInfoA
VerSetConditionMask
GetCPInfo
GetOEMCP
VirtualProtect
GetACP
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
LoadLibraryA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FindResourceA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
CloseHandle
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetProcessHeap
GetModuleFileNameA
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
OutputDebugStringA
DeleteCriticalSection
DecodePointer
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
DeleteFileA
FreeLibrary
lstrcpyA
GetProcAddress
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
HeapAlloc
HeapFree
GetModuleHandleExW
WriteConsoleW

user32

MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
InsertMenuItemA
MonitorFromPoint
EnableWindow
SendMessageA
DrawTextExA
GetWindowRect
GetWindowLongA
ReleaseDC
MapVirtualKeyA
GetKeyNameTextA
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
UnhookWindowsHookEx
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GrayStringA
TabbedTextOutA
GetWindowDC
ClientToScreen
DrawStateA
SetRectEmpty
GetSystemMetrics
DestroyMenu
GetMenuItemInfoA
UnionRect
SystemParametersInfoA
CopyImage
CheckDlgButton
SendDlgItemMessageA
SetWindowTextA
IsDialogMessageA
SetWindowPlacement
DrawTextA
SetWindowLongA
PeekMessageA
TranslateMessage
DispatchMessageA
GetClientRect
InvalidateRect
GetDC
InflateRect
FillRect
LoadMenuW
CopyRect
DrawEdge
OffsetRect
UnregisterClassA
CallWindowProcA
PostMessageA
PostQuitMessage
GetFocus
LoadMenuA
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
LoadImageW
DrawFrameControl
DrawFocusRect
DrawIconEx
DeleteMenu
RealChildWindowFromPoint
SetTimer
KillTimer
GetSysColorBrush
LoadCursorA
DestroyIcon
CharUpperA
IntersectRect
GetAsyncKeyState
MapDialogRect
SetLayeredWindowAttributes
LoadCursorW
EnumDisplayMonitors
TrackMouseEvent
IsZoomed
SetCapture
ReleaseCapture
GetSystemMenu
SetWindowRgn
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
RedrawWindow
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetRect
SetParent
BringWindowToTop
LockWindowUpdate
SetClassLongA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageA
RegisterClipboardFormatA
CharUpperBuffA
ModifyMenuA
LoadAcceleratorsA
TranslateAcceleratorA
UnpackDDElParam
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
DrawIcon
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
WaitMessage
PostThreadMessageA
FrameRect
CopyIcon
ReuseDDElParam

gdi32

GetObjectA
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetTextColor
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBSection
EnumFontFamiliesExA
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
SetBkColor
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
DeleteDC
CreateFontIndirectA
CreateFontA
FrameRgn
FillRgn
CreateRoundRectRgn
CreateSolidBrush
OffsetViewportOrgEx
Rectangle

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHBrowseForFolderA
DragQueryFileA
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
DragFinish

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA

uxtheme

IsAppThemed
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground

ole32

RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
RevokeDragDrop
CoTaskMemAlloc

oleaut32

VarBstrFromDate
VariantCopy
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantTimeToSystemTime

gdiplus

GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipBitmapLockBits
GdiplusShutdown

sdcore32

?findInterface@SDRegister@sd@@QAE?AV?$ref_ptr@VSDInterface@sd@@@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0@Z
?instance@SDRegister@sd@@SAPAV12@XZ
?getImplementCount@SDRegister@sd@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?findInterface@SDRegister@sd@@QAE?AV?$ref_ptr@VSDInterface@sd@@@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@H@Z
??0Referenced@sd@@QAE@XZ
?registerInterface@SDRegister@sd@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@V?$ref_ptr@VSDInterface@sd@@@2@@Z
?findOrLoadLibrary@SDDynamicLibrary@sd@@SAQAUHINSTANCE__@@ABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?getOrCreateObserverSet@Referenced@sd@@QBEPAVObserverSet@2@XZ
??1Referenced@sd@@MAE@XZ
?unregisterInterface@SDRegister@sd@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0@Z
?unref@Referenced@sd@@QBEHXZ
?setThreadSafeRefUnref@Referenced@sd@@UAEX_N@Z
?ref@Referenced@sd@@QBEHXZ

sdtool32

?removeReadonlyAttr@SDFile@sd@@SAXPBD@Z
?getProjectPath@SDFile@sd@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@XZ
?ApplicationCrashHandler@SDUtility@sd@@SAJPAU_EXCEPTION_POINTERS@@@Z
?trans_func@SE_Exception@sd@@SAXIPAU_EXCEPTION_POINTERS@@@Z
?WriteLog@SDLog@sd@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0_N1@Z

sdparainterface32

?getMainDlgHwnd@SDParaFacade@sd@@QBEPAUHWND__@@XZ
?setFilter@SDDiagramPara@sd@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0@Z
?delDiagramPara@SDParaFacade@sd@@QAEXPAVSDDiagramPara@2@@Z
?createDiagramPara@SDParaFacade@sd@@QAEPAVSDDiagramPara@2@XZ
?getMainView@SDParaFacade@sd@@QBEPAUHWND__@@XZ
?setScientificScope@SDParaFacade@sd@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?getScientificScope@SDParaFacade@sd@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?findPara@SDParaFacade@sd@@QAE?AV?$ref_ptr@VSDParaInterface@sd@@@2@V?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?instance@SDParaFacade@sd@@SAPAV12@XZ
?addPara@SDParaFacade@sd@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@V?$ref_ptr@VSDParaInterface@sd@@@2@@Z
?removePara@SDParaFacade@sd@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?getLineChartStyle@SDParaFacade@sd@@QAEHXZ
?getStandardClausesStyle@SDParaFacade@sd@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?setStandardClausesStyle@SDParaFacade@sd@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@Z
?setLineChartStyle@SDParaFacade@sd@@QAEXH@Z

sdui32

?instance@SDUIMgn@sd@@SAPAV12@XZ
?HidePanelOpera@SDUIMgn@sd@@QAEXXZ
?refreshListPanel@SDUIMgn@sd@@QAEXPAVSDIOperaDialog@@@Z
?ShowPanelOpera@SDUIMgn@sd@@QAEXXZ
?changeOperaDocking@SDUIMgn@sd@@QAEXPAVSDIOperaDialog@@@Z
?refresh@SDUIMgn@sd@@QAEXPAUtagLIST_INFO@2@@Z

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

test_SDControlExhibitImp

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d45fc2dbe15a83401eb0ee9d182c6181

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

sdcore32

sdtool32

sdparainterface32

sdui32

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 364KB - Virtual size: 363KB

.data Size: 23KB - Virtual size: 41KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 148KB - Virtual size: 147KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 364KB - Virtual size: 363KB

.data
Size: 23KB - Virtual size: 41KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 148KB - Virtual size: 147KB

.rmnet
Size: 56KB - Virtual size: 60KB