NewUpd [v1[.]1[.]0][.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

NewUpd [v1.1.0].exe
Size

1.9MB
MD5

11009591ca02b389f69e8c8e34f3f0c3
SHA1

de3e14d918d6aa164112c7339f85f67e60291616
SHA256

6f0df40928071c599955dfa09d5f4596a823ad68b887c228a8e810287d856b66
SHA512

1ea9ce27abdd7d8ee4aa139ede7e856b3e7404cb30259e2fdd09b2125bbc0aade93e25568ce426e82bcf45167982cdff51432ed20d8db7e8b8e9d1c03ae513aa
SSDEEP

24576:woWteRKeZUihWNS0fLw0E5+VulD0UnwTpkFWjuwbnFjx+Fyq1OeHwWOTMes8:IdzE0E5+MznUuwJF81EXwJ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NewUpd [v1.1.0].exe

Files

NewUpd [v1.1.0].exe
.exe windows:4 windows x86 arch:x86

359f32cec16f16569a43a874a99c0419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CreateProcessAsUserW
EqualSid
FreeSid
GetKernelObjectSecurity
GetTokenInformation
LookupPrivilegeValueW
MakeAbsoluteSD
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueW
RegSetValueExW
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityDescriptorDacl

comdlg32

GetFileTitleW

gdi32

BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateEllipticRgn
CreateFontIndirectW
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
Escape
ExtSelectClipRgn
ExtTextOutW
FillRgn
GetBkColor
GetClipBox
GetDIBColorTable
GetDeviceCaps
GetMapMode
GetObjectW
GetPixel
GetRgnBox
GetTextColor
GetTextExtentPoint32W
GetViewportExtEx
GetWindowExtEx
LPtoDP
LineTo
MoveToEx
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleWindowExtEx
SelectObject
SetBkColor
SetBkMode
SetDIBColorTable
SetMapMode
SetROP2
SetRectRgn
SetViewportExtEx
SetViewportOrgEx
StretchBlt
TextOutW

kernel32

CloseHandle
CompareStringA
CompareStringW
ConvertDefaultLocale
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsW
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalReAlloc
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
IsValidCodePage
K32EnumProcessModules
K32EnumProcesses
K32GetModuleBaseNameW
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
MulDiv
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetSystemPowerState
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrlenA
lstrlenW

msimg32

AlphaBlend
TransparentBlt

msvcrt

__getmainargs
__p___initenv
__p__commode
__p__fmode
__p__iob
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
abort
atexit
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoGetObject
CoInitialize
CoRegisterClassObject
CoRegisterMessageFilter
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateILockBytesOnHGlobal
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
OleUninitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromGUID2

shell32

DragFinish
DragQueryFileW
SHFileOperationW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetStockIconInfo
SHPathPrepareForWriteW
ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsDirectoryEmptyW
PathStripToRootW

user32

AdjustWindowRectEx
AnimateWindow
BeginDeferWindowPos
BeginPaint
BringWindowToTop
BroadcastSystemMessageW
CallNextHookEx
CallWindowProcW
CharNextW
CharUpperW
CheckMenuItem
ClientToScreen
CopyAcceleratorTableW
CopyImage
CopyRect
CreateDialogIndirectParamW
CreateWindowExW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawFocusRect
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextExW
DrawTextW
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EqualRect
ExitWindowsEx
FillRect
FindWindowW
GetActiveWindow
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
InflateRect
InsertMenuItemW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadMenuW
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemBitmaps
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnpackDDElParam
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetAttemptConnect

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

wtsapi32

WTSEnumerateProcessesW
WTSEnumerateSessionsW
WTSFreeMemory
WTSQuerySessionInformationW

Sections

.text
Size: 787KB - Virtual size: 787KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 252B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

359f32cec16f16569a43a874a99c0419

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

gdi32

kernel32

msimg32

msvcrt

ole32

shell32

shlwapi

user32

version

wininet

winspool.drv

wtsapi32

Sections

.text Size: 787KB - Virtual size: 787KB

.data Size: 865KB - Virtual size: 864KB

.rdata Size: 180KB - Virtual size: 180KB

.eh_fram Size: 25KB - Virtual size: 24KB

.bss Size: - Virtual size: 252B

.idata Size: 14KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 787KB - Virtual size: 787KB

.data
Size: 865KB - Virtual size: 864KB

.rdata
Size: 180KB - Virtual size: 180KB

.eh_fram
Size: 25KB - Virtual size: 24KB

.bss
Size: - Virtual size: 252B

.idata
Size: 14KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 39KB - Virtual size: 39KB