b439f8340765c71faea4b45e9430183b812363e759130c4895ed064250770b4a

Sharing

Copy URL Twitter E-mail

General

Target

b439f8340765c71faea4b45e9430183b812363e759130c4895ed064250770b4a
Size

539KB
MD5

fa8c287318bc0a720832183c79e9e7e3
SHA1

c4e7df3641c0f1f7b1e1a16ff1e331d9744e6e39
SHA256

b439f8340765c71faea4b45e9430183b812363e759130c4895ed064250770b4a
SHA512

998a29738c8542320ceb7b22909e16b7814f0c0baf60dd505ad694f693130be6c5d9d2d967b2ed9713fc64ecb8ff219329a8509a36dd348b87fa80804a7d0212
SSDEEP

12288:QkAf8KrbgzscKtcHiT0G6QBangKpN3rCbf90Vpfg8:HAPascscHjNDngKvrCqVVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b439f8340765c71faea4b45e9430183b812363e759130c4895ed064250770b4a

Files

b439f8340765c71faea4b45e9430183b812363e759130c4895ed064250770b4a
.exe windows x64

836f9ee1bb2eee9fb211bffb6e5da13e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

duilib

?SetMaxInfo@CPaintManagerUI@DuiLib@@QEAAXHH@Z
?GetSuperClassName@CWindowWnd@DuiLib@@MEBAPEB_WXZ
?GetStyle@WindowImplBase@DuiLib@@UEAAJXZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?ShowWindow@CWindowWnd@DuiLib@@QEAAX_N0@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPEAUHINSTANCE__@@@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPEB_W@Z
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPEAXIPEB_W@Z
?SetResourceType@CPaintManagerUI@DuiLib@@SAXH@Z
?ReloadSkin@CPaintManagerUI@DuiLib@@SAXXZ
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?Term@CPaintManagerUI@DuiLib@@SAXXZ
??0WindowImplBase@DuiLib@@QEAA@XZ
??1WindowImplBase@DuiLib@@UEAA@XZ
?InitResource@WindowImplBase@DuiLib@@UEAAXXZ
?InitWindow@WindowImplBase@DuiLib@@UEAAXXZ
?GetSkinType@WindowImplBase@DuiLib@@MEAA?AVCDuiString@2@XZ
?GetManagerName@WindowImplBase@DuiLib@@MEAAPEB_WXZ
??0CDuiString@DuiLib@@QEAA@PEB_WH@Z
?RegisterWindowClass@CWindowWnd@DuiLib@@QEAA_NXZ
?RegisterSuperclass@CWindowWnd@DuiLib@@QEAA_NXZ
?Create@CWindowWnd@DuiLib@@QEAAPEAUHWND__@@PEAU3@PEB_WKKHHHHPEAUHMENU__@@@Z
?GetInstance@CPaintManagerUI@DuiLib@@SAPEAUHINSTANCE__@@XZ
?OnFinalMessage@WindowImplBase@DuiLib@@UEAAXPEAUHWND__@@@Z
?Notify@WindowImplBase@DuiLib@@UEAAXAEAUtagTNotifyUI@2@@Z
?GetMessageMap@WindowImplBase@DuiLib@@MEBAPEBUDUI_MSGMAP@2@XZ
?OnClick@WindowImplBase@DuiLib@@MEAAXAEAUtagTNotifyUI@2@@Z
?IsInStaticControl@WindowImplBase@DuiLib@@MEAAHPEAVCControlUI@2@@Z
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MEAA_J_K@Z
?GetClassStyle@WindowImplBase@DuiLib@@UEBAIXZ
?CreateControl@WindowImplBase@DuiLib@@UEAAPEAVCControlUI@2@PEB_W@Z
?QueryControlText@WindowImplBase@DuiLib@@UEAAPEB_WPEB_W0@Z
?MessageHandler@WindowImplBase@DuiLib@@UEAA_JI_K_JAEA_N@Z
?OnClose@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnSize@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnChar@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnCreate@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?HandleMessage@WindowImplBase@DuiLib@@UEAA_JI_K_J@Z

kernel32

WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
LCMapStringW
GetStringTypeW
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
HeapAlloc
GetModuleHandleExW
ExitProcess
WriteFile
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GlobalAddAtomW
LoadLibraryW
GetProcAddress
FreeLibrary
SizeofResource
GetModuleFileNameW
FreeResource
LockResource
LoadResource
FindResourceW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime

user32

ShowWindow
SetWindowLongW
SetLayeredWindowAttributes
RegisterHotKey
GetWindowLongW
SetWindowPos
GetSystemMetrics
PostQuitMessage
SetTimer
SetWindowDisplayAffinity

ole32

CoCreateInstance
CoInitialize

shlwapi

PathIsDirectoryW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

836f9ee1bb2eee9fb211bffb6e5da13e

Headers

DLL Characteristics

File Characteristics

Imports

duilib

kernel32

user32

ole32

shlwapi

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 432KB - Virtual size: 431KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 432KB - Virtual size: 431KB

.reloc
Size: 2KB - Virtual size: 1KB