C:\_All_\_Dev_\ANA\Structure_Design_2015\PMSPP\PMSPP_TFS-520(V3.2)\Output\Win32\Release\spp\SDControlSingleM32.pdb
Static task: static1
Behavioral task: behavioral1
Sample: dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e.dll
Resource: win10v2004-20241007-en
General
Target: dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e
Size: 3.0MB
MD5: 56c901692e109b418fc4d9df77f8a35f
SHA1: 9b4b27861bd93a65e120e4f0d1ccda5ee7460f47
SHA256: dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e
SHA512: 4f592491d0554f715d15a823f525d2d5fc255409e1050a7d67905fc00e4a004547e0bcc59ec31aafdf3710dc59e03b4e4208ecae42c375f6c61da8f32b8be75a
SSDEEP: 98304:oHhBgZWAfVeamOKrFMqCbgkYptok3UDmYoXEIrKU//:oBBUW3fCbjw72kEIrKU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e
Files
dad5b5f8f721563436f6dc8f2498b45c8be8f29e447dc6fc4c64ca6a732e777e.dll windows:5 windows x86 arch:x86
b6ec174771d943a993a947f267047d42
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetHandleInformation
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
UnmapViewOfFile
ReleaseMutex
CreateMutexA
TerminateThread
CreateProcessA
SetEnvironmentVariableA
CreateFileW
GetCurrentDirectoryW
IsValidLocale
EnumSystemLocalesA
WriteConsoleW
CompareStringW
GetDriveTypeW
GetTimeZoneInformation
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetConsoleMode
GetConsoleCP
GetStartupInfoW
SetHandleCount
GetLocaleInfoW
IsProcessorFeaturePresent
LCMapStringW
IsValidCodePage
HeapDestroy
HeapCreate
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
ExitProcess
CreateThread
ExitThread
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetCommandLineA
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
GetUserDefaultLCID
SearchPathA
Sleep
GetProfileIntA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
GetTickCount
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentDirectoryA
GetACP
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
GetThreadLocale
InterlockedIncrement
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
CreateEventA
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalFree
GlobalSize
FormatMessageA
LocalFree
GetCurrentProcessId
GetModuleFileNameA
MulDiv
GetLocalTime
FreeLibrary
GetCurrentThreadId
DeleteFileA
GlobalUnlock
GlobalLock
GlobalAlloc
CopyFileA
HeapAlloc
HeapFree
GetProcessHeap
InterlockedDecrement
CloseHandle
WriteFile
CreateFileA
lstrcmpiA
FreeResource
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetVersion
GetLastError
DeactivateActCtx
SetLastError
GetCPInfo
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
lstrlenA
GetVersionExA
VirtualFree
user32
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
IntersectRect
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
GetMenuStringA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EndPaint
BeginPaint
ScreenToClient
SetWindowLongA
SetRectEmpty
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
MapWindowPoints
GetCursorPos
InvalidateRgn
SetCapture
GetNextDlgGroupItem
SetFocus
FindWindowExA
MessageBeep
CharUpperA
CopyRect
GetSysColor
FillRect
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsIconic
LoadIconW
IsWindow
FrameRect
CreateIconIndirect
GetIconInfo
DrawStateA
OffsetRect
DrawFocusRect
InflateRect
GetActiveWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
GetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
WindowFromPoint
ClientToScreen
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetWindowRect
LoadImageA
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
DestroyWindow
PtInRect
GetTopWindow
DrawEdge
SetRect
GetMenuItemInfoA
DrawTextA
SystemParametersInfoA
DrawIconEx
DestroyAcceleratorTable
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuA
GetMenuItemCount
IsClipboardFormatAvailable
LoadMenuW
NotifyWinEvent
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetTimer
KillTimer
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
EndDialog
CreateDialogIndirectParamA
CharNextA
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
UnregisterClassA
InsertMenuA
ModifyMenuA
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
EnableWindow
TabbedTextOutA
DrawTextExA
GrayStringA
SetWindowRgn
PostMessageA
InvalidateRect
GetClientRect
GetWindowDC
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReleaseCapture
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetAsyncKeyState
IsZoomed
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
SetMenuDefaultItem
GetMenuDefaultItem
GetWindowRgn
DrawIcon
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
CharUpperBuffA
CopyIcon
LoadImageW
RegisterClipboardFormatA
HideCaret
InvertRect
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
SetClassLongA
RealChildWindowFromPoint
LoadCursorA
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
IsRectEmpty
GetSystemMenu
SetParent
CopyAcceleratorTableA
gdi32
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CopyMetaFileA
CreateDCA
CreateRectRgnIndirect
SetRectRgn
GetMapMode
DPtoLP
ExcludeClipRect
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
CreateRoundRectRgn
SetMapMode
CreateEllipticRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
CombineRgn
CreateRectRgn
StretchBlt
GetBkColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Rectangle
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreatePolygonRgn
CreateHatchBrush
PatBlt
SetPixel
GetPixel
GetObjectA
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateFontIndirectA
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
GetTextColor
Ellipse
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
ShellExecuteExA
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
ole32
RevokeDragDrop
CoLockObjectExternal
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoInitialize
RegisterDragDrop
OleGetClipboard
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocString
SysStringLen
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VarBstrFromDate
oledlg
ord8
sdcore32
?unref@Referenced@sd@@QBEHXZ
?getOrCreateObserverSet@Referenced@sd@@QBEPAVObserverSet@2@XZ
?instance@SDRegister@sd@@SAPAV12@XZ
?findInterface@SDRegister@sd@@QAE?AV?$ref_ptr@VSDInterface@sd@@@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0@Z
??0Referenced@sd@@QAE@XZ
?setThreadSafeRefUnref@Referenced@sd@@UAEX_N@Z
??1Referenced@sd@@MAE@XZ
?unregisterInterface@SDRegister@sd@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@0@Z
?ref@Referenced@sd@@QBEHXZ
?registerInterface@SDRegister@sd@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@V?$ref_ptr@VSDInterface@sd@@@2@@Z
sdtool32
?SplitString@SDUtility@sd@@SAXAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@V?$STLHeapAlloc@V?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@@@@std@@ABV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@1@Z
?removeReadonlyAttr@SDFile@sd@@SAXPBD@Z
?ApplicationCrashHandler@SDUtility@sd@@SAJPAU_EXCEPTION_POINTERS@@@Z
?getAppdataPath@SDFile@sd@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@XZ
?getProjectPath@SDFile@sd@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@XZ
?trans_func@SE_Exception@sd@@SAXIPAU_EXCEPTION_POINTERS@@@Z
gdiplus
GdipGetImageWidth
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
winmm
PlaySoundA
acge19
??D@YA?AVAcGeVector2d@@NABV0@@Z
?angle@AcGeVector2d@@QBENXZ
?gTol@AcGeContext@@2VAcGeTol@@A
?normalize@AcGeVector2d@@QAEAAV1@ABVAcGeTol@@@Z
sdparainterface32
?getPDBFile@SDParaFacade@sd@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$STLHeapAlloc@D@@@std@@XZ
?instance@SDParaFacade@sd@@SAPAV12@XZ
pmsap_dbs
_SAP_CLOSE_FILE@8
_SAP_MEMBER_FORCE_CLOSE@8
_SAP_MEMBER_FORCE_IO@40
_SAP_MEMBER_FORCE_OPEN@40
_SAP_ELEDSN_IO@28
_SAP_WPBDEF_IO@28
_SAP_MEMBER_DESIGN_IOB@16
ITYPE_MEMBER_DESIGN_R
_SAP_MEMBER_DESIGN_CLOSE@8
_SAP_MEMBER_DESIGN_IOA@16
_SAP_MEMBER_DESIGN_OPEN@20
_SAP_ELEDEF_IO@40
_SAP_NELE_IO@20
_SAP_MATERIALS_IO@20
_SAP_BAR_SECTIONS_IO@32
_SAP_COORDINATES_IO@24
_SAP_RELEASE_IO@16
_SAP_SYSINFO_IO@12
_SAP_TRANSWALL_IO@32
_SAP_MEMBER_DESIGN_INDEXQ_IOX@32
_SAP_JDJG_INFO_IO@40
_SAP_SUPPORT_IO@20
_SAP_DAMPTAB_IO@20
_SAP_OPEN_FILE@20
_SAP_RESET_FILE_POINTER@8
_SAP_MEMBER_INFO_IO@20
_SAP_CHARINFO_LINE_IO@20
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
imagehlp
SymInitialize
SymCleanup
StackWalk
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text1 Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 467KB - Virtual size: 466KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 484KB - Virtual size: 483KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE