Tasks
Static task: static1
Behavioral task: behavioral1 (sample e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862.exe, resource win7-20230712-en)
Behavioral task: behavioral2 (sample e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862.exe, resource win10v2004-20230703-en)
General
Target: e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862
Size: 7.9MB
MD5: b14cfeddfed057befc4260f95be936af
SHA1: 78d30a952ea3596a1c836dc1659d0002e14ae34e
SHA256: e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862
SHA512: db0e6a6127085c41ae280ef732a31868242ef92791e2a170fc6ed06c9411aa44e2cebdc6eb81bde737e5e62b31a6982ade2aa9ab414cad17940929280375be34
SSDEEP: 98304:J0KFFi/wtf6+2WMdvKlhYN+s3P4abrjD8MgBpjMOp:J0mFi/wtS+2wabrjD8MgBpjF
Malware Config
(none shown)
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862
Files
e18f0af221535d072f71cf22f6fde3a49cd98482badf6b375310cfadab063862.exe, windows x86, 786ce0246f70db05bdf2bed841b44bd9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
webview2loader
CreateCoreWebView2EnvironmentWithOptions
avcodec-58
av_init_packet
av_packet_unref
avformat-58
av_read_frame
av_register_all
avformat_close_input
avformat_open_input
kernel32
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
InitializeSListHead
VirtualQuery
VirtualAlloc
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
SwitchToThread
GetCPInfo
GetStartupInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
GetWindowsDirectoryW
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
IsProcessorFeaturePresent
GetLocaleInfoW
GlobalFlags
GetAtomNameW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetShortPathNameW
GetFullPathNameW
FlushFileBuffers
CompareStringA
lstrcmpA
GetCurrentThread
GlobalReAlloc
GetFileSize
InitializeCriticalSectionAndSpinCount
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
MulDiv
GlobalSize
LoadLibraryW
FreeLibrary
MoveFileW
CopyFileW
SetFileAttributesW
DeleteFileW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
DecodePointer
FreeResource
GetCurrentProcess
GetVolumeInformationW
GetLogicalDrives
GetDriveTypeW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceExW
GetCurrentDirectoryW
Sleep
GetFileAttributesW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
lstrlenW
lstrcpyW
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
GetProcessHeap
HeapFree
HeapAlloc
SetLastError
OutputDebugStringW
DebugBreak
IsDebuggerPresent
WideCharToMultiByte
FormatMessageW
LocalFree
FindResourceW
WriteConsoleW
SizeofResource
LockResource
LoadResource
GetVersionExW
GetLastError
CloseHandle
FindNextFileW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetCommandLineA
user32
SystemParametersInfoW
CopyImage
LoadImageW
DestroyIcon
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetRectEmpty
SendDlgItemMessageA
WindowFromPoint
ClientToScreen
ReleaseDC
GetWindowDC
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetWindowThreadProcessId
GetActiveWindow
TranslateMessage
GetMessageW
LoadMenuW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
ShowOwnedPopups
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
CopyAcceleratorTableW
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
UpdateWindow
InvalidateRgn
GetTabbedTextExtentW
GetWindowRgn
GetDCEx
MessageBoxW
SendMessageW
EnableWindow
GetWindowRect
GetSysColor
GetDC
DrawEdge
GetMonitorInfoW
IntersectRect
EnumDisplayMonitors
MonitorFromWindow
MonitorFromRect
MonitorFromPoint
SetRect
LoadBitmapW
SetWindowLongW
GetWindowLongW
LoadIconW
LoadCursorW
GetWindow
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
IsZoomed
WaitMessage
CharUpperW
DestroyMenu
GetMenuItemInfoW
GetKeyNameTextW
MapVirtualKeyW
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
GetDialogBaseUnits
TrackMouseEvent
CopyRect
GetCursorPos
SetCursor
SetWindowRgn
SetLayeredWindowAttributes
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
RegisterClipboardFormatW
DeleteMenu
NotifyWinEvent
GetIconInfo
TrackPopupMenu
DestroyCursor
WindowFromDC
CreateMenu
GetComboBoxInfo
InSendMessage
SendNotifyMessageW
GetUpdateRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
MessageBeep
IsWindow
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
InvalidateRect
GetClientRect
EqualRect
GetParent
SetCapture
ReleaseCapture
FillRect
InflateRect
OffsetRect
PtInRect
PostMessageW
IsIconic
keybd_event
SetTimer
KillTimer
GetSystemMetrics
GetSystemMenu
AppendMenuW
DrawIcon
SetForegroundWindow
DefFrameProcW
DrawMenuBar
UpdateLayeredWindow
CharUpperBuffW
CharNextW
IsClipboardFormatAvailable
SetMenuDefaultItem
GetDoubleClickTime
FrameRect
CopyIcon
SetCursorPos
InvertRect
HideCaret
EnableScrollBar
GetMenuDefaultItem
SetClassLongW
LockWindowUpdate
EnumChildWindows
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
ModifyMenuW
SetParent
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
BeginDeferWindowPos
GetNextDlgGroupItem
gdi32
DeleteDC
GetDeviceCaps
SetViewportExtEx
DeleteObject
Ellipse
SetBkColor
SetTextColor
CreateDIBPatternBrushPt
CopyMetaFileW
CreateBitmap
GetObjectW
CreateHatchBrush
CreatePatternBrush
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetWindowExtEx
SetWindowOrgEx
CreateDCW
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetDIBits
PatBlt
RealizePalette
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
GetRgnBox
OffsetRgn
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
SetPixelV
ExtCreateRegion
CreateRoundRectRgn
CreateRectRgn
CreateEllipticRgn
CombineRgn
SetPixel
SelectObject
GetTextExtentPoint32W
CreatePen
CreateFontIndirectW
ExtTextOutW
TextOutW
RectVisible
PtVisible
Escape
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
OffsetViewportOrgEx
SetViewportOrgEx
BitBlt
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
RegEnumKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegSetValueExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetFolderPathW
comctl32
InitCommonControlsEx
ImageList_AddMasked
_TrackMouseEvent
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathAppendW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveExtensionW
uxtheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
IsAppThemed
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
DrawThemeBackground
GetThemeSysColor
ole32
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleRun
CoFreeUnusedLibraries
OleQueryLinkFromData
CreateItemMoniker
OleInitialize
OleUninitialize
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
OleSetClipboard
OleGetClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CoGetMalloc
OleCreate
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
CoTaskMemFree
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
OleQueryCreateFromData
oleaut32
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayDestroyDescriptor
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VarDateFromStr
SystemTimeToVariantTime
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayUnaccessData
RegisterTypeLi
LoadTypeLi
DispCallFunc
LoadRegTypeLi
VarBstrCmp
VariantCopy
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantTimeToSystemTime
VarCyFromStr
SysFreeString
SysAllocStringLen
SysReAllocStringLen
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapGetPixel
GdipBitmapSetPixel
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipDrawImageRectRect
GdipCreatePath
GdipDeletePath
GdipAddPathStringI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateLineBrushI
GdipCreatePen1
GdipDeletePen
GdipSetPenLineJoin
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipDrawPath
GdipFillPath
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateStringFormat
GdipDeleteStringFormat
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFillRectangle
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
ws2_32
htons
ntohs
recv
htonl
getsockname
getpeername
closesocket
inet_addr
connect
bind
inet_ntoa
WSAGetLastError
recvfrom
WSAAsyncSelect
accept
WSASetLastError
WSACleanup
WSAStartup
gethostbyname
socket
sendto
send
select
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
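The import table listed above is the input to the import hash (imphash), the usual pivot for finding other builds that link the same APIs in the same order. The page does not label the 32-hex value in its Files entry; it is assumed here to be this sample's imphash, so a value computed from the real file can be compared against it. The code below is an added example, not the sandbox's own code: it implements the pefile imphash algorithm (lower-cased "lib.function" pairs in import-table order, comma-joined, MD5) over a constructed subset of the DLL-to-function list shown above, so the value it produces is not the sample's imphash.

```python
"""Import hash (imphash) from an import list in the DLL -> functions shape used above.
Follows the pefile algorithm: lower-case 'lib.func' pairs, import order preserved,
joined by ',' and MD5-hashed. Added example, not the sandbox's own code."""
import hashlib

# Constructed subset of the report's import table (DLL name, imported functions).
SAMPLE_IMPORTS = [
    ("kernel32", ["IsDebuggerPresent", "VirtualProtect", "VirtualAlloc"]),
    ("ws2_32", ["WSAStartup", "socket", "connect", "send", "recv"]),
    ("advapi32", ["RegOpenKeyExW", "RegSetValueExW"]),
    ("winspool.drv", ["OpenPrinterW"]),
]


def _libname(dll):
    """pefile strips only .dll/.ocx/.sys; other extensions (winspool.drv) are kept."""
    dll = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if dll.endswith(ext):
            return dll[: -len(ext)]
    return dll


def import_string(imports):
    """Build the comma-joined 'lib.func' string that gets hashed. Order matters:
    the hash reflects the linker's import order, not the set of APIs."""
    parts = []
    for dll, funcs in imports:
        lib = _libname(dll)
        for f in funcs:
            # Imports by ordinal get 'ordN' here (simplification: pefile first tries
            # to resolve well-known ws2_32/oleaut32 ordinals to names). The report
            # above lists names only, so this branch is not exercised by it.
            name = f if isinstance(f, str) else "ord%d" % f
            parts.append("%s.%s" % (lib, name.lower()))
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(import_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(import_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

To use it on the real file, feed the full DLL-to-function list from a PE parser (pefile's `get_imphash()` does exactly this) and compare with the Files value. Note that imphash changes whenever the linker emits the import table in a different order, so a mismatch is not evidence of a different code base, while a match is strong evidence of one.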
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 594KB - Virtual size: 594KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 217KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
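The Headers, Sections and "Unsigned PE" entries above are all read straight from the PE headers: the file and DLL characteristics are bit fields in the COFF and optional headers, each section's flags are its IMAGE_SCN characteristics, and an Authenticode signature is located by the IMAGE_DIRECTORY_ENTRY_SECURITY data directory, so an empty entry is what the "missing Authenticode signature" check detects. The following is an added example, not the sandbox's own code, using only the Python standard library. parse_pe() accepts the raw bytes of any PE file; build_stub() builds a constructed, header-only PE32 image that mirrors the flags reported above (assumed section sizes, no real code) so the example runs offline.

```python
"""Read the PE header fields shown under Headers and Sections above and perform the
check behind the 'Unsigned PE' signature: an Authenticode signature is located by
the IMAGE_DIRECTORY_ENTRY_SECURITY data directory, so an empty entry means unsigned.
Added example, not the sandbox's own code; standard library only."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "RELOCS_STRIPPED", 0x0002: "EXECUTABLE_IMAGE",
    0x0020: "LARGE_ADDRESS_AWARE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
    0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
    0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
    0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the certificate table


def _names(value, table, prefix):
    return [prefix + n for bit, n in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return header facts from a PE image. A present certificate table is NOT a
    verified signature; that needs WinVerifyTrust (signtool verify /pa)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    dirs = opt + (112 if pe32plus else 96)
    cert_off = cert_size = 0
    if ndirs > SECURITY_DIR:
        # Unlike the other directories, this entry holds a raw file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    has_cert = cert_off != 0 and cert_size >= 8 and cert_off + cert_size <= len(data)
    cert_type = None
    if has_cert:  # WIN_CERTIFICATE: dwLength, wRevision, wCertificateType (2 = PKCS#7)
        cert_type = struct.unpack_from("<IHH", data, cert_off)[2]
    sections = []
    for i in range(nsec):
        name, vsize, _, rawsize, _, _, _, _, _, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _names(schars, SECTION_FLAGS, "IMAGE_SCN_")})
    return {"pe32plus": pe32plus,
            "file_characteristics": _names(fchars, FILE_CHARACTERISTICS, "IMAGE_FILE_"),
            "dll_characteristics": _names(dllchars, DLL_CHARACTERISTICS, "IMAGE_DLLCHARACTERISTICS_"),
            "has_certificate_table": has_cert, "certificate_type": cert_type,
            "sections": sections}


def build_stub(signed):
    """Constructed header-only PE32 image with the report's flags (not the real sample)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                            # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 5, 0, 0, 0, 224, 0x0102)  # i386, 5 sections, EXECUTABLE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<H", opt, 70, 0x8140)                          # DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    cert_off, cert_size = 0x400, 0x200                               # assumed placement for the signed variant
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, cert_off, cert_size)
    secs = [(b".text", 0x60000020), (b".rdata", 0x40000040), (b".data", 0xC0000040),
            (b".rsrc", 0x40000040), (b".reloc", 0x42000040)]
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000 * (i + 1), 0x1000, 0, 0, 0, 0, 0, f)
                    for i, (n, f) in enumerate(secs))
    img = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs
    if signed:  # append a WIN_CERTIFICATE header (type 2 = PKCS#7 SignedData) with an empty body
        img = img.ljust(cert_off, b"\0") + struct.pack("<IHH", cert_size, 0x0200, 2).ljust(cert_size, b"\0")
    return img


if __name__ == "__main__":
    for label, img in (("unsigned", build_stub(False)), ("signed", build_stub(True))):
        print(label, parse_pe(img))
```

Two caveats when reading the result on a real file. First, the signature check only tests for a certificate table; a binary can carry one whose certificate is expired, revoked or not chained to a trusted root, so "signed" is only established by WinVerifyTrust (`signtool verify /pa` or PowerShell `Get-AuthenticodeSignature`). Second, a virtual size larger than the raw size, as in the .data section above (40KB on disk, 61KB in memory), is the normal zero-filled uninitialized tail and not by itself a sign of packing.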