910c74a6a446ac4f0f555f6de96bf3c2b3adad9c246512b469ade9f66c6d744c

Sharing

Copy URL Twitter E-mail

General

Target

910c74a6a446ac4f0f555f6de96bf3c2b3adad9c246512b469ade9f66c6d744c
Size

3.2MB
MD5

d619a72bc61aad527b47e31960a3c3cf
SHA1

5bc61faaaa5ab3c2f9ce911a7cc8a28448ec692a
SHA256

910c74a6a446ac4f0f555f6de96bf3c2b3adad9c246512b469ade9f66c6d744c
SHA512

43fa13755ed67bca54871628478ccb622c3bec0c34b0be9bcc12ec8f48d6927428620463b77f93c73d7851ea5c02aacf5b0a8495364022ec6ae3dd3b11eeca0b
SSDEEP

49152:meGuGHzgUBC8RlhYVKpHvtaWr2g49L8JaxNXWDQQMRDnsbAdmje6FDVdM48+4:2zgX8d7r2GQNXWE3Znjdmi6FLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
910c74a6a446ac4f0f555f6de96bf3c2b3adad9c246512b469ade9f66c6d744c

Files

910c74a6a446ac4f0f555f6de96bf3c2b3adad9c246512b469ade9f66c6d744c
.dll windows x86

a352dffdd9ade2aaf2a6c1f67e512645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindFirstFileW
FindNextFileW
LocalFree
CreateThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointer
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MoveFileW
lstrlenW
lstrcmpW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
GetWindowsDirectoryW
GetLocalTime
OpenProcess
GetStartupInfoW
CreateProcessW
GetCurrentThreadId
GetCurrentThread
CreateRemoteThread
GetCurrentProcessId
CreateMutexW
OutputDebugStringW
GetTempPathW
WriteFile
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
ReadFile
GetFileSizeEx
GetFileSize
GetFileAttributesW
CreateFileA
GetCommandLineW
MoveFileExW
WaitForMultipleObjects
Sleep
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
InitializeCriticalSection
WideCharToMultiByte
lstrcpyW
LoadLibraryW
GetModuleFileNameW
FreeLibrary
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetEvent
DeleteFileW
MultiByteToWideChar
ReadDirectoryChangesW
CancelIo
PostQueuedCompletionStatus
CreateIoCompletionPort
CloseHandle
CreateFileW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
GetVersionExW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
FlushFileBuffers
GetSystemWindowsDirectoryW
InterlockedCompareExchange
GetSystemDirectoryW
lstrcmpiA
lstrcmpA
InitializeSListHead
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsBadReadPtr
ResetEvent
GetQueuedCompletionStatus
ResumeThread
GetTempFileNameW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
GetVersion
ExitProcess
GetACP
FreeResource
MulDiv
FindNextFileA
ReleaseMutex
OpenFileMappingW
LoadLibraryExW
IsDebuggerPresent
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
QueryPerformanceCounter
DeviceIoControl
SetLastError
AreFileApisANSI
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
FormatMessageW
GetStringTypeW
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
DuplicateHandle
TryEnterCriticalSection
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer

user32

GetWindowTextLengthW
SetWindowTextW
FillRect
RemovePropW
FindWindowExW
CreateAcceleratorTableW
InvalidateRgn
RegisterClassExW
DefWindowProcW
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
GetWindow
SendMessageW
CharLowerBuffW
SetWindowLongW
GetWindowLongW
ScreenToClient
PostQuitMessage
UnhookWinEvent
SetWinEventHook
GetWindowTextW
IsIconic
IsWindowVisible
FindWindowW
GetDesktopWindow
PtInRect
CopyRect
KillTimer
SetTimer
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
GetWindowThreadProcessId
GetClassNameW
GetCursorPos
GetWindowRect
EnumWindows
SetForegroundWindow
GetForegroundWindow
BringWindowToTop
SetWindowPos
MoveWindow
IsWindow
AttachThreadInput
wsprintfW
PostThreadMessageW
PeekMessageW
GetMessageW
GetShellWindow
IsWindowEnabled
DestroyWindow
DestroyIcon
MonitorFromWindow
ChangeWindowMessageFilter
CreateWindowExW
GetDC
ReleaseDC
MonitorFromPoint
PostMessageW
IsChild
GetWindowDC
UpdateLayeredWindow
IsZoomed
CharNextW
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
GetParent
CharPrevW
DrawTextW
SetRect
LoadImageW
DrawIconEx
GetIconInfo
wvsprintfW
SetCursor
InflateRect
OffsetRect
LoadCursorW
CallWindowProcW
RegisterClassW
GetClassInfoExW
ShowWindow
EnableWindow
SetPropW
GetPropW
SetWindowRgn
MessageBoxW
HideCaret
ShowCaret
ClientToScreen
GetSysColor

gdi32

SetWindowOrgEx
CombineRgn
CreateRectRgnIndirect
CreateRoundRectRgn
GetCharABCWidthsW
GetClipBox
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
GetObjectW
TextOutW
ExtTextOutW
CreateDCW
GetDIBits
SetDIBitsToDevice
CreateSolidBrush
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
GetTextMetricsW
SaveDC
RestoreDC
Rectangle
GetStockObject
SetDIBColorTable
DeleteObject
CreatePen

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegGetValueW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetFileInfoW
ord727
SHFileOperationW
ord155
SHGetPathFromIDListW
SHGetFolderLocation
SHGetKnownFolderPath
SHGetDesktopFolder
SHOpenWithDialog
SHChangeNotify
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW
ord165

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize

oleaut32

SafeArrayCreate
SafeArrayPutElement
VariantInit
SysAllocString
VariantClear

shlwapi

StrStrIA
SHAutoComplete
PathCombineW
PathFileExistsW
StrStrIW
wnsprintfW
PathRemoveFileSpecW
PathAppendW
PathIsDirectoryW
StrFormatByteSizeW
StrRetToStrW
StrTrimA
PathFindFileNameW
SHGetValueW
StrCmpIW
SHDeleteKeyW
SHDeleteValueW
SHSetValueW
ord176
SHGetValueA
SHSetValueA
StrCmpNIW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

crypt32

CertGetNameStringW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

gdiplus

GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAddPathArc
GdipDrawEllipseI
GdipLoadImageFromFile
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipCreateHBITMAPFromBitmap

msimg32

GradientFill
AlphaBlend

comctl32

_TrackMouseEvent
ord17
ImageList_DrawEx
InitCommonControlsEx

Exports

Exports

CreateTrayClient

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a352dffdd9ade2aaf2a6c1f67e512645

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

version

wininet

iphlpapi

crypt32

wintrust

gdiplus

msimg32

comctl32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 317KB - Virtual size: 317KB

.data Size: 30KB - Virtual size: 48KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 92KB - Virtual size: 91KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 317KB - Virtual size: 317KB

.data
Size: 30KB - Virtual size: 48KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 92KB - Virtual size: 91KB