e70e13dbe1d92836042cb43b075e15c2c6fc061adb8b1f5654847fff496221fb

Sharing

Copy URL

Twitter E-mail

General

Target

e70e13dbe1d92836042cb43b075e15c2c6fc061adb8b1f5654847fff496221fb
Size

331KB
MD5

743a8f4ad8114de8df4d5d034f263a2c
SHA1

24fe0f5f29605904cf03bf88eeedaab7aaef1f9e
SHA256

e70e13dbe1d92836042cb43b075e15c2c6fc061adb8b1f5654847fff496221fb
SHA512

a4b2ff64271a6b1bbde44183cc5241ddddf437d84c116580dfae9d14da040b13400a0c911c25a0aca506df9911b4f5a47e84960daf0229b2fa1614f24af79096
SSDEEP

6144:0kHGjm8ECUOiXZ1P5Z8DFtsCana2nkOVF4QWlrV+rh4y9J7Q57P7EPS:0kLOiXjAAHna2nkOrgrADJ7Q5fEPS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e70e13dbe1d92836042cb43b075e15c2c6fc061adb8b1f5654847fff496221fb

Files

e70e13dbe1d92836042cb43b075e15c2c6fc061adb8b1f5654847fff496221fb
.exe windows:5 windows x86 arch:x86

736b2129eacf91b36358469b50d6d21c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\vrushikeshp_data\Live Project_NEW\SVN\Fastscan\Cache_Folder_Checker\VCPP_MFC_ListCtrlSample\MyListCtrlTestDlg\Release\CHFOL_SV.pdb

Imports

kernel32

GetFileSizeEx
GetFileTime
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetModuleHandleW
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalAddAtomA
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
GetCurrentProcessId
GetLastError
SetLastError
GlobalUnlock
lstrlenA
WritePrivateProfileStringA
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetPrivateProfileIntW
GetPrivateProfileIntA
Wow64RevertWow64FsRedirection
Sleep
CloseHandle
OpenProcess
Wow64DisableWow64FsRedirection
GetCurrentProcess
IsWow64Process
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
GetComputerNameA
FindResourceA
LoadResource
LockResource
SizeofResource
GetACP
WideCharToMultiByte

user32

RegisterClipboardFormatA
PostThreadMessageA
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
LoadCursorA
SetCapture
DestroyMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetKeyState
GetCursorPos
WindowFromPoint
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetLastActivePopup
MessageBoxA
UnregisterClassA
CharUpperA
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
UpdateWindow
SetRect
ReleaseDC
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
SetCursor
GetWindowThreadProcessId
SetFocus
FindWindowExA
SetForegroundWindow
ShowWindow
WaitForInputIdle
FindWindowA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconA
EnableWindow

gdi32

CreateBitmap
GetStockObject
DeleteDC
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
ExtSelectClipRgn
TextOutA
RectVisible
PtVisible
ExtTextOutA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
GetObjectA
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
Escape

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
GetUserNameA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetFolderPathA
ShellExecuteExA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

comctl32

InitCommonControlsEx

shlwapi

StrStrIA
SHGetValueA
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString

wininet

InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

Sections

.text
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 678KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

736b2129eacf91b36358469b50d6d21c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 225KB - Virtual size: 225KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 11KB - Virtual size: 30KB

.rsrc Size: 38KB - Virtual size: 678KB

.text
Size: 225KB - Virtual size: 225KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 11KB - Virtual size: 30KB

.rsrc
Size: 38KB - Virtual size: 678KB