5efe6992e93ce8cb06bdd9f2f254da35f86c63dd1c052d5cf390a3b25555c075

Sharing

Copy URL

Twitter E-mail

General

Target

5efe6992e93ce8cb06bdd9f2f254da35f86c63dd1c052d5cf390a3b25555c075
Size

3.7MB
MD5

4deb376fb2fa3bf4cc39e036bb13fe08
SHA1

7ee40ade68e0044d2ca03d612b948c29c60ac320
SHA256

5efe6992e93ce8cb06bdd9f2f254da35f86c63dd1c052d5cf390a3b25555c075
SHA512

e85cc5df3337a7b76189db1a140e38168c63dfd6c5c762accbd723730e102fe2eb4a67bbab0314799a69f9a387bc704cc3e2d2222291170bf22405d004d6dccd
SSDEEP

49152:+laZWB880whB+ds2DmScdwgDgNim3jYyO0Iyjjv612FTZgPwVeYyI9xbhwyjMrMd:AHt2DmDM/nEEQmeVITbKQMr79s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5efe6992e93ce8cb06bdd9f2f254da35f86c63dd1c052d5cf390a3b25555c075

Files

5efe6992e93ce8cb06bdd9f2f254da35f86c63dd1c052d5cf390a3b25555c075
.dll windows x64

ed87e5fc009dbe7f5507b5c7d50ecdc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
CreateFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
HeapCreate
AreFileApisANSI
FormatMessageW
DeviceIoControl
GetFileSizeEx
LoadLibraryA
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
OpenMutexW
ReleaseMutex
CreateMutexW
HeapReAlloc
GetSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
SetFilePointer
InterlockedPopEntrySList
InitializeSListHead
GetSystemInfo
OutputDebugStringW
IsDebuggerPresent
DeleteFileA
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
FormatMessageA
LockResource
FlushFileBuffers
InitializeCriticalSection
TryEnterCriticalSection
GetFileAttributesExW
CreateFileW
FindFirstFileW
MulDiv
LoadLibraryW
GetVersionExW
CloseHandle
SetEvent
CreateEventW
WaitForMultipleObjects
lstrcpyW
Sleep
lstrlenW
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
SetUnhandledExceptionFilter
LoadLibraryExW
GetTickCount
lstrcmpiW
FreeLibrary
GetModuleHandleW
LocalFree
GetProcAddress
FindResourceW
LoadResource
MultiByteToWideChar
SetErrorMode
GetModuleFileNameW
GetLongPathNameW
GetCommandLineW
SizeofResource
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetFileTime
WriteFile
ReadFile
FindClose
FindNextFileW
ResumeThread
SetLastError
DeleteCriticalSection
GlobalMemoryStatusEx
FreeResource
CreateProcessW
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetLocalTime
GetCurrentProcessId
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
GetCurrentProcess
QueryDosDeviceW
GetProcessHeap
HeapAlloc
OpenProcess
HeapFree
ResetEvent
MoveFileW
GetTempFileNameW
CopyFileW
MoveFileExW
GetWindowsDirectoryW
GetCurrentDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
GetFileTime
GetFileSize
EncodePointer
SetEndOfFile
WaitForSingleObject
WideCharToMultiByte
InterlockedPushEntrySList
GetACP
DecodePointer
RaiseException
GetLastError
GetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount

user32

CallWindowProcW
GetWindowLongW
SetCursor
GetWindowRect
ScreenToClient
IntersectRect
ReleaseDC
SetWindowPos
DestroyCursor
SetRectEmpty
TrackMouseEvent
SetCapture
ReleaseCapture
GetWindowThreadProcessId
GetLastActivePopup
AttachThreadInput
GetForegroundWindow
GetClassNameW
SetForegroundWindow
wsprintfW
FindWindowW
EqualRect
UpdateLayeredWindow
GetMenuStringW
InsertMenuW
SetRect
RegisterWindowMessageW
UnionRect
EndDialog
IsWindowEnabled
GetMenuItemInfoW
CheckMenuRadioItem
MessageBoxW
GetMenuItemCount
LoadStringA
SetWindowTextW
MessageBeep
CreatePopupMenu
LoadStringW
SetMenuItemInfoW
MapWindowPoints
SetMenuDefaultItem
DestroyMenu
TranslateAcceleratorW
LoadIconW
TrackPopupMenuEx
RemoveMenu
AppendMenuW
PostQuitMessage
CreateMenu
MonitorFromPoint
GetDC
IsWindowVisible
MonitorFromWindow
GetMonitorInfoW
IsRectEmpty
GetWindowLongPtrW
SetClassLongW
RedrawWindow
SetFocus
SetWindowLongW
IsZoomed
GetDlgItem
InvalidateRect
IsIconic
GetCursorPos
BeginPaint
EndPaint
GetWindow
GetParent
ShowWindow
UnregisterClassW
SendMessageW
PostMessageW
LoadImageW
GetClassInfoExW
SystemParametersInfoW
GetDesktopWindow
LoadCursorW
IsWindow
RegisterClassExW
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
TranslateMessage
CharNextW
PeekMessageW
DispatchMessageW
DestroyWindow
DefWindowProcW
GetMessageW
KillTimer
SetClipboardData
DestroyCaret
GetClipboardData
CreateCaret
EmptyClipboard
CloseClipboard
SetTimer
OpenClipboard
SetCaretPos
DrawTextW
CopyRect
DialogBoxParamW
GetActiveWindow
GetKeyState
PtInRect
OffsetRect
GetClientRect
MoveWindow

gdi32

SetBrushOrgEx
SelectClipRgn
SetArcDirection
SetDCBrushColor
SetStretchBltMode
SetROP2
SetDCPenColor
CreateDIBSection
GetTextColor
SetGraphicsMode
SetBkColor
SetWorldTransform
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetViewportOrgEx
CreateRectRgn
CreatePolygonRgn
CreateEllipticRgn
CombineRgn
SelectObject
GetStockObject
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
DeleteObject
CreateFontIndirectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
GetUserNameW

shell32

SHGetFileInfoW
CommandLineToArgvW
DragQueryFileW
DragFinish
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
CreateStreamOnHGlobal
RegisterDragDrop
CoCreateInstance

oleaut32

VarUI4FromStr

msvcp140

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

2345miniui

?GetRootView@RCMiniUIDialogView@RC@@UEAAPEAVRCMiniUIView@2@XZ
?SetBounds@RCMiniUIView@RC@@QEAAXAEBUtagRECT@@@Z
?GetBounds@RCMiniUIView@RC@@QEBA?AUtagRECT@@XZ
?DoModal@RCMiniUIDialog@RC@@QEAA_JPEAUHWND__@@_J@Z
?OnEsc@RCMiniUIDialogView@RC@@UEAAXXZ
?OnEnter@RCMiniUIDialogView@RC@@UEAAXXZ
?BeforeWindowDestroy@RCMiniUIDialogView@RC@@UEAAXXZ
?OnFirstLayouted@RCMiniUIDialogView@RC@@UEAAXXZ
?GetGlobalSkinPool@RCMiniUIManner@RC@@SAPEAVRCMiniUISkinPoolInterface@2@XZ
?GetGlobalStylePool@RCMiniUIManner@RC@@SAPEAVRCMiniUIStylePoolInterface@2@XZ
?GetMessageLoop@RCMiniUIAppModule@RC@@QEAAPEAVCMessageLoop@WTL@@XZ
?CreateCurrentThreadMessageLoop@RCMiniUIAppModule@RC@@QEAAXXZ
?Term@RCMiniUIAppModule@RC@@QEAAXXZ
?Init@RCMiniUIAppModule@RC@@QEAAXPEAUHINSTANCE__@@@Z
?Instance@RCMiniUIAppModule@RC@@SAAEAV12@XZ
?GetGolobalStringPool@RCMiniUIResourceManager@RC@@SAPEAVRCMiniUIStringPoolInterface@2@XZ
?GetGolobalFontPool@RCMiniUIResourceManager@RC@@SAPEAVRCMiniUIFontPoolInterface@2@XZ
?ReflectNotifications@?$CWindowImplRoot@VRCMiniAtlWindow@@@ATL@@QEAA_JI_K_JAEAH@Z
?IsChecked@RCMiniUiImgChkBox@RC@@QEAA_NXZ
?SetChecked@RCMiniUiImgChkBox@RC@@QEAAX_N@Z
?GetViewByID@RCMiniUIDialogView@RC@@QEBAPEAVRCMiniUIView@2@H@Z
?OnDialogTimer@RCMiniUIDialogView@RC@@UEAA_NIPEAX@Z
?OnMouseMoveInDialog@RCMiniUIDialogView@RC@@UEAAXAEBVCPoint@WTL@@I@Z
?GetToolTip@RCMiniUIDialogView@RC@@UEAAAEAV?$CToolTipCtrlT@VCWindow@ATL@@@WTL@@XZ
?OnDropFiles@RCMiniUIDialogView@RC@@UEAAXAEBV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?WindowDefKeyPressed@RCMiniUIDialog@RC@@EEAA_NIII@Z
?GetHWND@RCMiniUIDialog@RC@@UEAAPEAUHWND__@@XZ
??1RCMiniUIDialog@RC@@UEAA@XZ
??0RCMiniUIDialog@RC@@QEAA@I@Z
?EndDialog@?$CDialogImpl@VRCMiniUIDialog@RC@@VRCMiniAtlWindow@@@ATL@@QEAAHH@Z
?GetDialogProc@?$CDialogImplBaseT@VRCMiniAtlWindow@@@ATL@@UEAAP6A_JPEAUHWND__@@I_K_J@ZXZ
?OnFinalMessage@?$CDialogImplBaseT@VRCMiniAtlWindow@@@ATL@@UEAAXPEAUHWND__@@@Z
?ProcessWindowMessage@RCMiniUIDialog@RC@@UEAAHPEAUHWND__@@I_K_JAEA_JK@Z
?OnDialogSkinChanged@RCMiniUIDialogView@RC@@UEAAXXZ
?OnAnimateHideEnded@RCMiniUIDialogView@RC@@UEAAXXZ
?OnAnimateShowEnded@RCMiniUIDialogView@RC@@UEAAXXZ
?OnMouseLeaveDialog@RCMiniUIDialogView@RC@@UEAAXXZ
?OnMouseEnterDialog@RCMiniUIDialogView@RC@@UEAAXXZ

imm32

ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmAssociateContext
ImmCreateContext
ImmGetVirtualKey
ImmDestroyContext
ImmGetCompositionStringW

gdiplus

GdipGetClipBoundsI
GdipGetMatrixElements
GdipDeleteRegion
GdipDeleteMatrix
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateFontFromLogfontW
GdipCreateBitmapFromHBITMAP
GdipDrawRectangle
GdipSetPixelOffsetMode
GdipCreateMatrix
GdipCreateRegion
GdipGetRegionHRgn
GdipGetImageEncoders
GdipCreateFromHDC
GdipGetImageEncodersSize
GdipDrawLineI
GdipSetStringFormatLineAlign
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipCloneFontFamily
GdipGetFamilyName
GdipBitmapGetPixel
GdipResetClip
GdipSetClipHrgn
GdipSetSolidFillColor
GdipTranslateTextureTransform
GdipReleaseDC
GdipGetDC
GdipCreateTexture
GdipResetTextureTransform
GdipCreateFromHWND
GdipMeasureString
GdipDrawImageRectI
GdipTransformPointsI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSetCompositingMode
GdipDrawImageRectRectI
GdipSetClipRectI
GdipCreateBitmapFromFile
GdipSaveImageToFile
GdipCloneImage
GdipDisposeImage
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipGraphicsClear
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipScaleWorldTransform
GdipResetWorldTransform
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateStringFormat
GdipDeleteFontFamily
GdipGetImageHeight
GdipFillPolygonI
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipDrawRectangleI
GdipCreateFontFamilyFromName
GdipSaveGraphics
GdipDrawImageRectRect
GdipDrawEllipseI
GdipDisposeImageAttributes
GdipCreateFont
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipDrawLinesI
GdipDrawString
GdipSetImageAttributesWrapMode
GdipFillEllipseI
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipDeleteStringFormat
GdipFillRectangleI
GdipFillRectangle
GdipDeleteFont
GdipGetImageWidth
GdipTranslateWorldTransform
GdipDeletePen
GdipGetWorldTransform
GdipCreatePen1
GdipDrawImagePointRectI
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteBrush
GdipAlloc
GdipCreateSolidFill
GdipFree
GdipCloneBrush
GdipGetClip

dbghelp

MiniDumpWriteDump

vcruntime140

memcpy
_purecall
wcsstr
__std_type_info_name
_CxxThrowException
__std_type_info_destroy_list
memset
memmove
__RTDynamicCast
memchr
memcmp
__std_exception_copy
__std_exception_destroy
__std_terminate
strrchr
__std_type_info_compare
wcsrchr
__C_specific_handler
wcschr
__RTtypeid
strstr
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
_msize
malloc
_aligned_free
free
_recalloc
calloc
_aligned_malloc

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_register_onexit_function
_errno
_invalid_parameter_noinfo
_initialize_onexit_table
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
terminate
_seh_filter_dll
_cexit
_beginthreadex
_endthreadex
_initialize_narrow_environment

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vswscanf
__stdio_common_vswprintf

api-ms-win-crt-string-l1-1-0

wcsncpy_s
strncpy_s
towlower
towupper
_wcsicmp
strcspn
tolower
_stricmp
strncmp
_wcsnicmp
wcsncpy
strcmp
wcscpy_s

api-ms-win-crt-utility-l1-1-0

qsort
rand
srand

api-ms-win-crt-time-l1-1-0

_mktime64
_localtime64
_localtime64_s
_time64

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-convert-l1-1-0

_wtoi
wcstoul
_wtof

api-ms-win-crt-math-l1-1-0

cos
acosf
acos
cosf
expf
floorf
modf
pow
floor
sqrt
_dtest
sqrtf
sinf

Exports

Exports

ImageEditorMain

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 647KB - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 763KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed87e5fc009dbe7f5507b5c7d50ecdc2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcp140

comctl32

msimg32

2345miniui

imm32

gdiplus

dbghelp

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 647KB - Virtual size: 646KB

.data Size: 32KB - Virtual size: 49KB

.pdata Size: 92KB - Virtual size: 92KB

.rsrc Size: 763KB - Virtual size: 764KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 647KB - Virtual size: 646KB

.data
Size: 32KB - Virtual size: 49KB

.pdata
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 763KB - Virtual size: 764KB

.reloc
Size: 13KB - Virtual size: 12KB