b903a84f47960b83a133684a030f990fc5605cca31f4c071b177298a522a8f0a

Sharing

Copy URL

Twitter E-mail

General

Target

b903a84f47960b83a133684a030f990fc5605cca31f4c071b177298a522a8f0a
Size

1.1MB
MD5

c24b9f368ef998bf44379a44d030c468
SHA1

95aa41d63382d358bf0d9e57aed4b8be83251071
SHA256

b903a84f47960b83a133684a030f990fc5605cca31f4c071b177298a522a8f0a
SHA512

12f6057f8a0c6a01d67c7a68da5ed5205700d45c5fa0ddf9f3f006184eb4ea733ccfd8cf451ee856f7a58a67fca0b78cc4b3f7f2328a9f1d6bb3cffe0f82cf1b
SSDEEP

24576:Lq55qflpy8YsJMux1ONQEhkZtpPMuTDWCvfwTSjBFx:S5qfvJYsJJOBQ3TDWH8Fx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b903a84f47960b83a133684a030f990fc5605cca31f4c071b177298a522a8f0a

Files

b903a84f47960b83a133684a030f990fc5605cca31f4c071b177298a522a8f0a
.exe windows x86

c9bd987d73412246a60519b13ae114df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetExitCodeProcess
CreateProcessW
CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcessId
Process32NextW
OpenProcess
TerminateProcess
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoA
IsValidCodePage
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
GetCommandLineW
GetModuleHandleW
FreeLibrary
GetModuleFileNameW
lstrlenA
LoadLibraryW
GetLocalTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
HeapFree
GetProcessHeap
HeapAlloc
FlushFileBuffers
VirtualFree
VirtualAlloc
SetEndOfFile
ReadFile
CreateFileW
GetCurrentThreadId
CloseHandle
GetLastError
GetCurrentProcess
FindNextFileW
FindClose
FindFirstFileW
LeaveCriticalSection
Sleep
GetFullPathNameA
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
GetStringTypeA
EnumSystemLocalesA
HeapCreate
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FindFirstFileA
GetDriveTypeA
SetFilePointer
GetFileInformationByHandle
CreateThread
ExitThread
HeapReAlloc
CompareStringW
CompareStringA
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
FormatMessageA
SleepEx
SetLastError
VerSetConditionMask
VerifyVersionInfoA
GetModuleHandleA
LoadLibraryA
DeviceIoControl
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WriteFile
GetTickCount
GetProcAddress

user32

GetClientRect
GetCursorPos
SetForegroundWindow
CreatePopupMenu
IsZoomed
ScreenToClient
LoadIconW
TrackPopupMenu
AppendMenuW
KillTimer
PostQuitMessage
SendMessageW
ShowWindow
BringWindowToTop
GetWindowLongW
SetWindowLongW
SetTimer
RedrawWindow

gdi32

SelectObject
DeleteObject
GetObjectW
CreateCompatibleDC

advapi32

CryptGenRandom
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptDestroyKey
CryptEncrypt
CryptImportKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
CryptReleaseContext

shell32

CommandLineToArgvW
Shell_NotifyIconW

ole32

CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx

shlwapi

PathRemoveFileSpecW
PathFileExistsW

timeforyearui

?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ
?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@_N@Z
?SetScrollStepSize@CContainerUI@DuiLib@@UAEXH@Z
?GetScrollStepSize@CContainerUI@DuiLib@@UBEHXZ
?LineUp@CContainerUI@DuiLib@@UAEXXZ
?LineDown@CContainerUI@DuiLib@@UAEXXZ
?PageUp@CContainerUI@DuiLib@@UAEXXZ
?PageDown@CContainerUI@DuiLib@@UAEXXZ
?HomeUp@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?LineLeft@CContainerUI@DuiLib@@UAEXXZ
?LineRight@CContainerUI@DuiLib@@UAEXXZ
?PageLeft@CContainerUI@DuiLib@@UAEXXZ
?PageRight@CContainerUI@DuiLib@@UAEXXZ
?HomeLeft@CContainerUI@DuiLib@@UAEXXZ
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z
?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z
?GetItemAt@CContainerUI@DuiLib@@UBEPAVCControlUI@2@H@Z
?GetItemIndex@CContainerUI@DuiLib@@UBEHPAVCControlUI@2@@Z
?SetItemIndex@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?GetCount@CContainerUI@DuiLib@@UBEHXZ
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?Remove@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?RemoveAt@CContainerUI@DuiLib@@UAE_NH@Z
?RemoveAll@CContainerUI@DuiLib@@UAEXXZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
??1CDuiString@DuiLib@@QAE@XZ
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
??0WindowImplBase@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??0CDuiString@DuiLib@@QAE@PB_WH@Z
?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ
??8CDuiString@DuiLib@@QBE_NPB_W@Z
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
?Format@CDuiString@DuiLib@@QAAHPB_WZZ
?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?GetInstance@CPaintManagerUI@DuiLib@@SAPAUHINSTANCE__@@XZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?GetSizeBox@CPaintManagerUI@DuiLib@@QAEAAUtagRECT@@XZ
?GetCaptionRect@CPaintManagerUI@DuiLib@@QAEAAUtagRECT@@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
??0CDuiString@DuiLib@@QAE@XZ
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
?Left@CDuiString@DuiLib@@QBE?AV12@H@Z
?Right@CDuiString@DuiLib@@QBE?AV12@H@Z
??9CDuiString@DuiLib@@QBE_NPB_W@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ
?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CDuiRect@DuiLib@@QAE@XZ
?GetInterface@CVerticalLayoutUI@DuiLib@@UAEPAXPB_W@Z
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?GenerateBitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAVCPaintManagerUI@2@PAVCControlUI@2@UtagRECT@@@Z
?SetAttribute@CVerticalLayoutUI@DuiLib@@UAEXPB_W0@Z
?Invalidate@CControlUI@DuiLib@@QAEXXZ
?GetPaintWindow@CPaintManagerUI@DuiLib@@QBEPAUHWND__@@XZ
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetName@CControlUI@DuiLib@@UAEXPB_W@Z
?GetControlFlags@CVerticalLayoutUI@DuiLib@@UBEIXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CControlUI@DuiLib@@UAEXPB_W@Z
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z
?SetPos@CVerticalLayoutUI@DuiLib@@UAEXUtagRECT@@_N@Z
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetFloatPercent@CControlUI@DuiLib@@UBE?AUtagTPercentInfo@2@XZ
?SetFloatPercent@CControlUI@DuiLib@@UAEXUtagTPercentInfo@2@@Z
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetToolTip@CControlUI@DuiLib@@UAEXPB_W@Z
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?GetShortcut@CControlUI@DuiLib@@UBE_WXZ
?SetShortcut@CControlUI@DuiLib@@UAEX_W@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetVisible@CContainerUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetUserData@CControlUI@DuiLib@@UAEXPB_W@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ

ws2_32

WSACleanup
WSAStartup
connect
recv
send
shutdown
bind
ntohs
inet_addr
setsockopt
socket
htonl
ntohl
gethostbyname
inet_ntoa
recvfrom
sendto
closesocket
freeaddrinfo
WSASetLastError
__WSAFDIsSet
WSAGetLastError
WSAIoctl
getsockname
getsockopt
getpeername
accept
listen
ioctlsocket
gethostname
htons
getaddrinfo
select

wldap32

ord41
ord46
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord27
ord33
ord301

iphlpapi

GetAdaptersInfo

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 685KB - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9bd987d73412246a60519b13ae114df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

timeforyearui

ws2_32

wldap32

iphlpapi

setupapi

oleaut32

Sections

.text Size: 353KB - Virtual size: 353KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 685KB - Virtual size: 685KB

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 353KB - Virtual size: 353KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 685KB - Virtual size: 685KB

.reloc
Size: 30KB - Virtual size: 29KB