9239c00c44e58396bf2d7c444019cbb9afdd200b2dc19077434622b476487f9b

Sharing

Copy URL Twitter E-mail

General

Target

9239c00c44e58396bf2d7c444019cbb9afdd200b2dc19077434622b476487f9b
Size

2.1MB
MD5

703bd419e95ebc527305f80784a2328c
SHA1

0076eba26e38d450d725281cb0170004fd4bf2fc
SHA256

9239c00c44e58396bf2d7c444019cbb9afdd200b2dc19077434622b476487f9b
SHA512

fa7a65de08f94c3d71773a6a3fb27d97af2557294e777929cc6e81fe4893780473ce9f5139185fc3b608e08ff80e0e2f301133ee84d120aa5b5d52e120a96a56
SSDEEP

49152:EAFC1bA7oIvzyHVnbFT5XxpaCvIinxg/Iwj6kn:EoC8oIvzyHVnJ5XxYSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9239c00c44e58396bf2d7c444019cbb9afdd200b2dc19077434622b476487f9b

Files

9239c00c44e58396bf2d7c444019cbb9afdd200b2dc19077434622b476487f9b
.dll windows x86

c89aea5df057c2acaa70df9a371e91de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionW
InternetQueryOptionW
InternetGetCookieW

kernel32

WideCharToMultiByte
GetACP
MultiByteToWideChar
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
WaitForSingleObject
ResumeThread
InterlockedExchange
InterlockedExchangeAdd
CreateMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
LoadLibraryExW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetFileAttributesW
lstrcatW
lstrcpyW
OpenProcess
QueryDosDeviceW
FindClose
FindNextFileW
FileTimeToSystemTime
GetFullPathNameW
MoveFileExW
CreateDirectoryW
GetSystemDirectoryW
GetCurrentDirectoryW
MoveFileW
DeleteFileW
SetFileAttributesW
ResetEvent
HeapAlloc
HeapFree
GetProcessHeap
GetLogicalDriveStringsW
FormatMessageW
GlobalMemoryStatusEx
DeviceIoControl
FreeResource
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrW
CreateWaitableTimerW
SetWaitableTimer
MapViewOfFileEx
QueryPerformanceCounter
QueryPerformanceFrequency
DuplicateHandle
GetCurrentThread
EncodePointer
GetSystemTimeAsFileTime
GetStringTypeW
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CreateSemaphoreW
CreateTimerQueue
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
HeapReAlloc
GetStdHandle
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetTimeZoneInformation
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
VirtualAlloc
VirtualFree
VirtualProtect
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle
WriteConsoleW
ReadConsoleW
WaitForMultipleObjects
CloseHandle
LocalFree
GetCommandLineW
SetErrorMode
SetUnhandledExceptionFilter
LocalAlloc
GetModuleFileNameW
GetTickCount
SetEvent
SetEnvironmentVariableA
GetThreadContext
SetThreadContext
InterlockedCompareExchange
Thread32First
HeapDestroy
HeapCreate
Thread32Next
OpenThread
CreateToolhelp32Snapshot
SuspendThread
VirtualQuery
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
DecodePointer
DeleteCriticalSection
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
LoadLibraryW
SetLastError
GetProcAddress
GetCurrentProcess
LeaveCriticalSection
FlushInstructionCache
EnterCriticalSection
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
lstrlenW
GlobalUnlock
DisableThreadLibraryCalls
lstrcmpiW
GetCurrentProcessId
CreateThread
FindResourceW
GetFileTime
LoadResource
SizeofResource
GlobalFree
LockResource
CreateFileW
GetTempPathW
GetLocalTime
FreeLibrary
GetVersionExW
InitializeCriticalSection
GetSystemInfo
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
Sleep
WriteFile
ReadFile
CreateEventW

user32

OffsetRect
TrackMouseEvent
UnionRect
GetKeyboardState
ToAscii
GetCaretBlinkTime
MsgWaitForMultipleObjects
LoadBitmapW
LoadImageW
GetClassLongW
SetCaretPos
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetIconInfo
SetWindowRgn
GetWindowDC
EnableWindow
OpenClipboard
SetCursor
ShowWindowAsync
MonitorFromPoint
DrawTextW
DrawIconEx
MapVirtualKeyExW
GetKeyNameTextW
MonitorFromRect
EqualRect
GetKeyState
WindowFromPoint
WaitMessage
GetCapture
PeekMessageW
GetSystemMetrics
UpdateLayeredWindow
SetTimer
IsMenu
KillTimer
DeleteMenu
IsWindowEnabled
GetUpdateRect
InflateRect
SetRect
IntersectRect
AppendMenuW
CreatePopupMenu
InsertMenuW
MapWindowPoints
UpdateWindow
IsRectEmpty
SetRectEmpty
wsprintfW
MessageBoxW
LoadMenuW
GetLastActivePopup
FindWindowW
PtInRect
BringWindowToTop
IsZoomed
ValidateRect
GetCursorPos
FindWindowExW
CopyRect
GetSubMenu
GetMenuStringW
GetMenuItemInfoW
SystemParametersInfoW
GetMenuState
GetMenuItemCount
DestroyMenu
DestroyIcon
SetMenuItemInfoW
GetWindowRect
IsIconic
RemovePropW
SetPropW
LoadIconW
EndPaint
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
GetMessageW
PostQuitMessage
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
SetForegroundWindow
GetFocus
GetParent
AttachThreadInput
InvalidateRgn
SetParent
CreateAcceleratorTableW
SetFocus
BeginPaint
GetDC
TranslateMessage
GetForegroundWindow
InvalidateRect
GetAncestor
GetWindowTextW
GetClassNameW
ReleaseDC
RedrawWindow
GetSysColor
EnumChildWindows
AdjustWindowRectEx
ReleaseCapture
SetWindowTextW
GetPropW
GetWindowThreadProcessId
GetWindow
MoveWindow
DispatchMessageW
LoadCursorW
GetClientRect
GetClassInfoExW
RegisterClassExW
GetWindowLongW
GetDlgItem
SetWindowLongW
SetWindowPos
ShowWindow
CreateWindowExW
SendMessageW
CallWindowProcW
GetAsyncKeyState
MonitorFromWindow
IsWindowVisible
GetMonitorInfoW
GetKeyboardLayoutList
ActivateKeyboardLayout
GetKeyboardLayout
UnregisterClassW
GetDesktopWindow
DefWindowProcW
PostMessageW
IsWindow

gdi32

ExtTextOutW
BitBlt
DeleteDC
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetObjectW
GetDIBits
CreateDCW
SetWindowOrgEx
GetClipBox
CreatePolygonRgn
SetWorldTransform
SetGraphicsMode
EnumFontsW
PtInRegion
CreateRoundRectRgn
SetViewportOrgEx
SetTextColor
CreateDIBSection
SetBkMode
GetTextExtentPointW
CreatePen
ExtCreatePen
MoveToEx
LineTo
SelectClipRgn
CreateRectRgn
CreateFontIndirectW
EnumFontFamiliesExW
SetBkColor
CreateSolidBrush

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW

shell32

ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHGetPathFromIDListW

ole32

CoTaskMemRealloc
RegisterDragDrop
RevokeDragDrop
CoTaskMemAlloc
CoGetClassObject
CoTaskMemFree
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
IIDFromString
CLSIDFromString
CoCreateInstance

oleaut32

SysAllocString
VarUI4FromStr
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
VariantInit
LoadTypeLi
VariantClear
SysStringLen
DispCallFunc
SysFreeString

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

PathFindFileNameW
ord12
StrDupW
StrToIntA

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipDeleteFontFamily
GdipGetFamilyName
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipGetLineSpacing
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipGetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatLineAlign
GdipCreateFontFamilyFromName
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathBezierI
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipCreateRegionPath
GdipCombineRegionPath
GdipCombineRegionRegion
GdipGetBrushType
GdipSetTextureTransform
GdipSetLineTransform
GdipBeginContainer2
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipSetClipRegion
GdipSetClipRectI
GdipDrawImageRectRect
GdipFillPath
GdipFillEllipse
GdipGraphicsClear
GdipSetStringFormatTrimming
GdipEndContainer
GdipDrawPath
GdipDrawRectangle
GdipDrawArcI
GdipDrawLine
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipMultiplyWorldTransform
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetCompositingQuality
GdipSetImageAttributesWrapMode
GdipSetImageAttributesColorMatrix
GdipCloneBitmapArea
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipGetLineTransform
GdipSetLineWrapMode
GdipSetLinePresetBlend
GdipCreateLineBrushI
GdipGetTextureTransform
GdipCreateTexture
GdipTransformRegion
GdipDeleteRegion
GdipCloneRegion
GdipGetMatrixElements
GdipDeleteMatrix
GdipCreateMatrix2
GdipCreateMatrix
GdipGetPathWorldBounds
GdipAddPathString
ord1
GdipClosePathFigure
GdipDeletePath
GdipCreatePath
GdipCloneBitmapAreaI
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateImageAttributes
GdipCreateBitmapFromHBITMAP
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipCloneBrush
GdipDeleteBrush
GdipCreateBitmapFromResource
GdipLoadImageFromFile
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipCreateBitmapFromStreamICM
GdipFree
GdiplusShutdown
GdipSetCompositingMode

imm32

ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmGetConversionStatus
ImmGetDescriptionW
ImmSetConversionStatus
ImmReleaseContext
ImmAssociateContextEx
ImmGetContext

winmm

timeGetTime

Exports

Exports

MiniPageMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c89aea5df057c2acaa70df9a371e91de

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

shlwapi

comctl32

msimg32

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 338KB - Virtual size: 337KB

.data Size: 27KB - Virtual size: 48KB

.rsrc Size: 71KB - Virtual size: 70KB

.reloc Size: 90KB - Virtual size: 90KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 338KB - Virtual size: 337KB

.data
Size: 27KB - Virtual size: 48KB

.rsrc
Size: 71KB - Virtual size: 70KB

.reloc
Size: 90KB - Virtual size: 90KB