Static task: static1
Behavioral task: behavioral1
Sample: FaceLift_x64.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: FaceLift_x64.exe
Resource: win10v2004-20221111-en
General
Target: FaceLift_x64.exe
Size: 2.2MB
MD5: e290f0d032890af886ea200194d8f567
SHA1: 5c2fbe34f4ffbb68bca64e4f871fcb6d1f3f4d07
SHA256: 87cff53ba11140991a6b91eb4f8cb36a3f2adb4fb44eb0963132bfd25f085feb
SHA512: 216c85193f628d11fba910954f55f9e95a9796f557384a6f1b58c25ae22029a462951bc1cf99314c52d7436cb3563238f317b5abecd1b4b11f9c1d4bf365fede
SSDEEP: 24576:6srw/vH1kXgmi1c/6PU8f9Ezoe8miyxx+nT45XN7kbnnXx8w:6srqkQpc/V8EsymT45XN7kb
Malware Config
Signatures
Files
FaceLift_x64.exe.exe windows x64
17849f94d395a8e160bc5b10df4c75a8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
dbghelp
MakeSureDirectoryPathExists
winmm
mixerClose
mixerGetDevCapsW
mixerOpen
mixerGetNumDevs
timeSetEvent
timeKillEvent
kernel32
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetFileSizeEx
GetFileTime
GetStartupInfoW
RaiseException
RtlPcToFileHeader
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
HeapQueryInformation
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
UnlockFile
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteFile
GetOEMCP
IsValidCodePage
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
LockFile
FlushFileBuffers
GetStartupInfoA
SetFilePointer
GetVersionExW
GetSystemDefaultLCID
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
DeleteFileW
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
GetLastError
CreateMutexW
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
GetVersion
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
CreateEventW
SetFileAttributesW
GetCPInfo
GetFileAttributesW
GetTickCount
GetProcAddress
LoadLibraryW
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetACP
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread
SetThreadPriority
lstrlenW
GlobalFree
GlobalUnlock
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
GlobalFlags
lstrlenA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
FormatMessageW
LocalFree
MulDiv
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
lstrcmpW
GetModuleHandleW
ReadFile
GetFileSize
CreateFileW
lstrcpyW
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalAlloc
GlobalLock
user32
MapWindowPoints
EndPaint
WindowFromPoint
GetSysColorBrush
UnregisterClassW
CharUpperW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DestroyMenu
RegisterClipboardFormatW
PostThreadMessageW
SetMenu
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetWindowContextHelpId
MapDialogRect
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
SendDlgItemMessageA
GetMessageTime
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
GetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CharNextW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FrameRect
SetFocus
GetSysColor
LoadStringW
ScreenToClient
FillRect
SetRect
GetKeyState
GetClipboardData
GetCaretBlinkTime
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
SendMessageW
SetWindowPos
FindWindowW
WinHelpW
IsChild
GetCapture
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetWindowLongPtrW
GetWindowThreadProcessId
SetWindowLongPtrW
RegisterWindowMessageW
GetWindowTextW
GetLastActivePopup
GetMessagePos
GetParent
GetWindow
GetDesktopWindow
DrawIcon
PostMessageW
IsIconic
GetWindowRect
GetClientRect
InvalidateRect
SetTimer
KillTimer
GetActiveWindow
LoadIconW
PeekMessageW
GetSystemMetrics
UnregisterDeviceNotification
BeginPaint
FindWindowExW
MessageBoxW
RegisterDeviceNotificationW
SetForegroundWindow
ReleaseDC
GetWindowDC
EnableWindow
LoadImageW
SetRectEmpty
OffsetRect
GetCursorPos
ClientToScreen
IsRectEmpty
CopyRect
ActivateKeyboardLayout
PtInRect
SetCapture
ReleaseCapture
GetAsyncKeyState
IsWindow
InflateRect
SystemParametersInfoW
UpdateLayeredWindow
LoadCursorW
SetCursor
GetDC
IntersectRect
gdi32
CreateRectRgn
CreateRectRgnIndirect
CreateCompatibleDC
CreateDIBSection
DeleteDC
CreateCompatibleBitmap
CreateSolidBrush
CreateFontIndirectW
Polygon
Rectangle
GetTextMetricsW
GetTextExtentPoint32W
GetObjectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
BitBlt
SelectObject
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
GetViewportOrgEx
DeleteObject
GetDeviceCaps
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
shell32
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteW
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantInit
SysFreeString
SysStringLen
SysAllocStringLen
VariantChangeType
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
gdiplus
GdipTranslateMatrix
GdipMultiplyMatrix
GdipGetStringFormatAlign
GdipGetStringFormatFlags
GdipStringFormatGetGenericTypographic
GdipDrawLineI
GdipDrawImageI
GdipDrawRectangleI
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteMatrix
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreatePath
GdipDeletePath
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromGraphics
GdipBitmapGetPixel
GdipSetImageAttributesColorMatrix
GdipCreateMatrix2
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipAddPathRectangleI
GdipAddPathPath
GdipAddPathStringI
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetWorldTransform
GdipResetWorldTransform
GdipDrawPath
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImagePointRectI
GdipDrawImageRectRectI
GdipSetClipPath
GdipCloneBrush
GdipSetSolidFillColor
GdipAddPathLineI
GdipAddPathArcI
GdipClonePath
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteFont
GdipCreateMatrix
GdipSetMatrixElements
GdipScaleMatrix
GdipRotateMatrix
GdipShearMatrix
GdipTransformMatrixPointsI
GdipResetPath
GdipAddPathPolygonI
GdipCreateFromHDC
GdipMultiplyWorldTransform
GdipTranslateWorldTransform
GdipCreateHBITMAPFromBitmap
GdipFillRectangleI
GdipDrawImageRectI
GdipResetClip
GdipSetStringFormatLineAlign
GdipBitmapSetPixel
GdipDeleteRegion
GdipCreateLineBrushFromRect
GdipAddPathPolygon
GdipDrawRectangle
GdipDrawEllipse
GdipDrawPolygonI
GdipFillRectangle
GdipFillEllipse
GdipFillRegion
GdipSetClipRect
GdipSetClipRegion
GdipGetClip
GdipCreateRegion
GdipCreateRegionPath
GdipRotateWorldTransform
GdipDrawImageRectRect
GdipCreateBitmapFromHBITMAP
GdipCloneImage
rpcrt4
UuidFromStringW
d3d9
Direct3DCreate9
d3dx9_43
D3DXMatrixOrthoLH
D3DXMatrixPerspectiveFovLH
D3DXMatrixRotationX
D3DXMatrixScaling
D3DXMatrixLookAtLH
D3DXMatrixMultiply
imm32
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 489KB - Virtual size: 489KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 154KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ