11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823

Sharing

Copy URL Twitter E-mail

General

Target

11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823
Size

320KB
MD5

2a6346b6a25af0118972453fc4ee739e
SHA1

625b85a647e1a564cbc868c596a255a902c97c4c
SHA256

11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823
SHA512

59e588be53882b0fe6aba6a51786c722e77a3c98b86615dc3a24ff81d9f11319f227d609be75215d8747425e593abd637b2d813d14a3161410dd54e7a9b41261
SSDEEP

6144:E/ji2H5h8XrWBoWL46JN6VWxtoloBj5rbx:Mb8XypL9JcVJ6Bj5rbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823

Files

11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823
.exe windows x64

279b8a26f65ef80b2fab2ffb5009e75b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

DPtoLP
CreateFontIndirectW
SelectObject
DeleteObject
RestoreDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SetWindowOrgEx
SetBkMode
SetTextColor
GetStockObject
GetObjectA
GetObjectW
DeleteDC
CreateBitmap
SetLayout
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
BitBlt
GetDeviceCaps

user32

SetWindowLongPtrW
DefWindowProcW
GetWindowLongPtrW
PostMessageW
PostQuitMessage
SendMessageW
SetWindowTextW
ShowWindow
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowExW
IsWindow
CallWindowProcW
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
CharNextW
RegisterWindowMessageW
LoadIconW
LoadImageW
GetSystemMetrics
PeekMessageW
MsgWaitForMultipleObjectsEx
DestroyIcon
KillTimer
LoadStringW
GetDC
ReleaseDC
SetForegroundWindow
UnregisterClassA
SetTimer
GetCursorPos
CreatePopupMenu
AppendMenuW
SetMenuItemInfoW
SetMenuDefaultItem
TrackPopupMenu
DestroyMenu
BringWindowToTop
GetSysColor
SystemParametersInfoW
GetWindowRect
MapWindowPoints
FillRect
GetAncestor
IsIconic
GetLastActivePopup
BeginPaint
EndPaint
MoveWindow
InvalidateRect
GetWindowLongW
GetWindowTextW
GetWindowTextLengthW
DrawTextW
IsWindowEnabled
GetParent
TrackMouseEvent
SetRect
ScreenToClient
GetDlgItem
SetFocus
DestroyWindow
GetScrollInfo
SetScrollInfo
ScrollWindowEx
GetScrollPos
SetScrollPos
ScrollWindow
GetFocus
DrawIcon
EnableWindow
IsWindowVisible
SendNotifyMessageW
GetKeyState
GetClientRect

msvcrt

free
swprintf_s
memcpy_s
memmove_s
malloc
_vscwprintf
wcsncpy_s
vswprintf_s
_wtof
wcstol
towupper
wcsstr
wcschr
iswspace
_resetstkoflw
wcscat_s
_vsnwprintf
memcmp
__CxxFrameHandler3
_onexit
_lock
__dllonexit
memset
_errno
realloc
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_callnewh
_CxxThrowException
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
wcscpy_s
__C_specific_handler
_unlock
memcpy

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage

gdiplus

GdiplusShutdown
GdipAddPathArcI
GdipClosePathFigure
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateLineBrushFromRectI
GdipDeleteBrush
GdipFree
GdipDrawPath
GdipDrawImageRectI
GdipCreateBitmapFromHICON
GdipFillPath
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipCreateLineBrushFromRectWithAngleI
GdipMeasureString
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFile
GdipFillRectangleI
GdipAlloc
GdiplusStartup

kernel32

VirtualAlloc
InterlockedPopEntrySList
VirtualFree
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
DelayLoadFailureHook
LoadLibraryExA
GetSystemTimeAsFileTime
LocalFree
MoveFileExW
WriteFile
CreateFileW
GetTempFileNameW
GetTempPathW
GetSystemDefaultLangID
DeleteFileW
GetTimeFormatW
InterlockedPushEntrySList
FileTimeToSystemTime
FileTimeToLocalFileTime
CheckElevationEnabled
GetUserPreferredUILanguages
SetProcessWorkingSetSize
GetLocaleInfoW
RegQueryValueExW
FindResourceExW
WaitForSingleObject
CreateThread
GlobalFree
GetCommandLineW
CreateProcessW
FormatMessageW
SetEvent
CreateMutexW
CreateEventW
CloseHandle
LoadLibraryExW
MultiByteToWideChar
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
lstrcmpiW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
GetModuleHandleW
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetLastError
HeapSetInformation
FindResourceW
LoadResource
LockResource
SizeofResource
GetUserDefaultUILanguage
HeapFree
GetProcessHeap
HeapAlloc
RaiseException
SetLastError
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetDateFormatW
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
GetCurrentProcessId

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

279b8a26f65ef80b2fab2ffb5009e75b

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

msvcrt

ntdll

gdiplus

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 9KB - Virtual size: 9KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 138KB - Virtual size: 140KB

.reloc Size: 1024B - Virtual size: 632B

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 9KB - Virtual size: 9KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 138KB - Virtual size: 140KB

.reloc
Size: 1024B - Virtual size: 632B