D:\project\CLUpdater3.0_New\CLUpdater\x64\Release_x64\CLUpdater.pdb
Static task: static1
Behavioral task: behavioral1
Sample: b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe.exe
Resource: win10v2004-20241007-en
General
Target: b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe
Size: 2.5MB
MD5: 656ca48e3e77bec3db3e0aebb0785990
SHA1: 7128d35dff9b6f31b853010a94b5d651c39ec16b
SHA256: b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe
SHA512: 85874e689ad18171963e73b67cba3c1d533e0737096d577f8443474fdd2a2e355600ecbac7cc8327ea92cad0807b05129a4ade397a679acab2982fffe5069d75
SSDEEP: 49152:qpU90p0oFdEQXXbKhgFvdZDJhRt9DiH6P0xOHukD6W8TdNdHGqb:EbVl2wD6W8xN1
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe
Files
b8ab3f354a8d034386169f165bc2820a2ef5047d8af85f23860fc461ce0acbbe.exe windows:6 windows x64 arch:x64
ffb5b767984870c88a0b270cdbcd2a7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
wininet
InternetOpenW
InternetGetConnectedState
ws2_32
WSAGetLastError
WSACleanup
WSAStartup
WSAIoctl
closesocket
socket
sensapi
IsNetworkAlive
kernel32
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
CreateDirectoryW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
WriteConsoleW
GetCommandLineW
HeapFree
HeapAlloc
HeapReAlloc
SetStdHandle
HeapSize
HeapQueryInformation
ExitProcess
GetSystemInfo
VirtualAlloc
VirtualQuery
GetConsoleCP
GetConsoleMode
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ReadConsoleW
SetFilePointerEx
GetProcessHeap
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
SetEnvironmentVariableA
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
lstrcpyW
GetCurrentDirectoryW
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
FreeResource
lstrcmpW
GlobalFlags
GetUserDefaultUILanguage
CompareStringW
GetSystemDirectoryW
DecodePointer
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
GetCurrentThreadId
RtlPcToFileHeader
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpiW
GetModuleHandleExW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
CreateEventW
SetEvent
OutputDebugStringW
OutputDebugStringA
LocalFree
FindResourceW
SizeofResource
LockResource
LoadResource
CopyFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryExW
GetSystemTime
SetFileAttributesW
WaitForSingleObject
GetFileSize
CreateFileW
GetPrivateProfileStringW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
Sleep
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetLastError
CloseHandle
DeleteFileW
FindResourceExW
GetFileType
user32
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongPtrW
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
LoadMenuW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
IntersectRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsIconic
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
IsCharLowerW
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowLongW
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
RealChildWindowFromPoint
GetWindow
GetClassNameW
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextW
GetFocus
GetDlgCtrlID
DestroyIcon
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
CharUpperW
GetWindowTextLengthW
GetWindowTextW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
ReplyMessage
LoadIconW
LoadCursorW
FindWindowW
EndPaint
BeginPaint
UpdateWindow
TranslateAcceleratorW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
GetKeyNameTextW
ReuseDDElParam
SetLayeredWindowAttributes
InsertMenuItemW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LoadAcceleratorsW
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetActiveWindow
EnumDisplayMonitors
SetPropW
UnpackDDElParam
gdi32
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
Escape
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
GetDeviceCaps
CreateDCW
EnumFontFamiliesW
CopyMetaFileW
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
SetTextAlign
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
SetEntriesInAclW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHAppBarMessage
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW
SHBrowseForFolderW
shlwapi
PathFileExistsW
StrToIntW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
OleGetClipboard
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
oleaut32
VariantInit
VariantClear
VariantChangeType
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 611KB - Virtual size: 611KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 87KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ