aeff791c2cf74f3bdda5bb4939f7c4c53c4a1c37b6940b537b297489e8755504

Sharing

Copy URL Twitter E-mail

General

Target

aeff791c2cf74f3bdda5bb4939f7c4c53c4a1c37b6940b537b297489e8755504
Size

1.2MB
MD5

a8a986dad082faabc4636ac428d2288f
SHA1

18139e9b5c500e1f9b2a762eb8443ed1f1c1ff99
SHA256

aeff791c2cf74f3bdda5bb4939f7c4c53c4a1c37b6940b537b297489e8755504
SHA512

09025e396f701e739924b132676d1988f9462422f8096a0208555ebcb965225aae4ef298ec288b5ef4f77a20a2bc129f55e9737ed7adb2605b82a9d830b48418
SSDEEP

24576:kVbZSYQdeZLa9r4yM4r9S4UeqKSVeONuJeopFGXXsi:IQcZLSrVS4UbKSVZEJehXXsi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeff791c2cf74f3bdda5bb4939f7c4c53c4a1c37b6940b537b297489e8755504

Files

aeff791c2cf74f3bdda5bb4939f7c4c53c4a1c37b6940b537b297489e8755504
.exe windows x86

dea7861c77e5b9789595f3b8cc8b84d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
Sleep
GetLastError
CreateThread
SetCurrentDirectoryW
FreeLibrary
AllocConsole
SetConsoleTitleW
OutputDebugStringA
OutputDebugStringW
FindFirstFileA
HeapFree
lstrlenW
InitializeCriticalSectionAndSpinCount
FindClose
WaitForSingleObject
HeapSize
CreateEventW
MultiByteToWideChar
SetEvent
TerminateThread
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
GetProcessHeap
GetModuleHandleW
WideCharToMultiByte
lstrcpyW
GetFullPathNameW
GetCurrentDirectoryW
FlushFileBuffers
ReadConsoleW
GetConsoleMode
ReadConsoleA
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
WriteFile
GetModuleFileNameA
FindNextFileW
FindFirstFileExW
ReadFile
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
CreateFileW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
RtlUnwind
CreateEventA
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetCPInfo
GetFileAttributesW
GetModuleFileNameW
GetPrivateProfileIntW
GetStdHandle
ReadProcessMemory
DeleteCriticalSection
GetProcAddress
LoadLibraryW
InitializeCriticalSection
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
WriteProcessMemory
GetProcessTimes
QueryPerformanceCounter
QueryPerformanceFrequency
GetConsoleCP
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
AttachConsole
FreeConsole
SetEndOfFile
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
SetFilePointerEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
EncodePointer

user32

RegisterClassW
LoadIconW
SetRect
MessageBoxW
ShowWindow
UnregisterClassW
GetSystemMetrics
CreateWindowExW
SetWindowPos
DestroyWindow
AdjustWindowRectEx
DefWindowProcW
GetWindowLongW
ReleaseDC
SetForegroundWindow
DialogBoxParamW
PostQuitMessage
LoadCursorFromFileA
CopyIcon
GetCursor
ClientToScreen
LoadCursorW
ClipCursor
SetCursor
SetClassLongA
SetCursorPos
GetMessageW
GetSystemMenu
MapVirtualKeyW
GetDC
GetMenuItemCount
SendMessageW
EndDialog
SetWindowTextW
LoadAcceleratorsW
GetKeyNameTextA
DispatchMessageW
SetTimer
CopyRect
PeekMessageW
TranslateAcceleratorW
TranslateMessage
InsertMenuW
SetWindowLongW

gdi32

CreateFontIndirectW
CreateCompatibleDC
AddFontResourceExW
SelectObject
EnumFontFamiliesExW
GetTextMetricsW
DeleteDC
GetGlyphOutlineW
DeleteObject
GetCharABCWidthsFloatW
RemoveFontResourceExW
GetStockObject

advapi32

RegOpenKeyExW

imm32

ImmDisableIME

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileExA
D3DXCreateEffect
D3DXCreateSprite
D3DXCreateTextureFromFileExW
D3DXMatrixTransformation2D
D3DXGetImageInfoFromFileInMemory
D3DXFillTexture
D3DXMatrixMultiply
D3DXCreateTexture
D3DXGetImageInfoFromFileW
D3DXSaveTextureToFileW
D3DXCreateTextureFromFileInMemoryEx

xinput1_3

ord2

gdiplus

GdiplusStartup
GdiplusShutdown

wmvcore

WMCreateSyncReader

winmm

waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutReset
waveOutClose
waveOutOpen
midiOutGetErrorTextW
midiOutPrepareHeader
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiStreamPause
midiStreamClose
midiOutReset
midiStreamRestart
midiOutShortMsg
midiStreamOut

shlwapi

PathFindExtensionA
PathFileExistsW

Sections

.text
Size: 915KB - Virtual size: 914KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dea7861c77e5b9789595f3b8cc8b84d0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

imm32

d3d9

d3dx9_43

xinput1_3

gdiplus

wmvcore

winmm

shlwapi

Sections

.text Size: 915KB - Virtual size: 914KB

.rdata Size: 153KB - Virtual size: 153KB

.data Size: 33KB - Virtual size: 157KB

.gfids Size: 1024B - Virtual size: 800B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 85KB - Virtual size: 85KB

.reloc Size: 47KB - Virtual size: 46KB

.text
Size: 915KB - Virtual size: 914KB

.rdata
Size: 153KB - Virtual size: 153KB

.data
Size: 33KB - Virtual size: 157KB

.gfids
Size: 1024B - Virtual size: 800B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 85KB - Virtual size: 85KB

.reloc
Size: 47KB - Virtual size: 46KB