8594ed13d29732ba24074101e3155c94a603df3879ba4a4909b1ef3aa4393e04

Sharing

Copy URL Twitter E-mail

General

Target

8594ed13d29732ba24074101e3155c94a603df3879ba4a4909b1ef3aa4393e04
Size

340KB
MD5

b63ec1883a928539aa17b503c8c968f6
SHA1

cbf6df218fda825de46a0959546e9cadc9d4739d
SHA256

8594ed13d29732ba24074101e3155c94a603df3879ba4a4909b1ef3aa4393e04
SHA512

e66eb16ed86cb9befbf8342e988b97e08b3dded87e5fce77ee1374473e127fcb6eff13eafa2bad4e7104682055c1107b88a121dd3bb2ef12de371f5a4745949c
SSDEEP

6144:1aYIRhuqJm8gBYjkr/FETnH7prtyQT0vyAU5Y6Uof:1fIm8sFaby/vyAUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8594ed13d29732ba24074101e3155c94a603df3879ba4a4909b1ef3aa4393e04

Files

8594ed13d29732ba24074101e3155c94a603df3879ba4a4909b1ef3aa4393e04
.dll windows x86

052f87e0c363809ee67c489218b1d1b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

gdiplus

GdipDrawRectangleI
GdipCreateBitmapFromGdiDib
GdipFillRectangleI
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateLineBrushI
GdipMeasureString
GdipDrawLineI
GdipDrawLines
GdipDeleteFontFamily
GdipDeleteStringFormat
GdipDrawString
GdipGetImageEncoders
GdipSetPenDashStyle
GdipDeleteGraphics
GdipCreateSolidFill
GdipFillEllipseI
GdipDrawImageRectRect
GdipDeleteBrush
GdipFree
GdipCloneImage
GdipDeletePen
GdipGetImageHeight
GdipDrawEllipseI
GdipCreateFromHDC
GdipAlloc
GdipLoadImageFromFile
GdipCloneBrush
GdipFillPolygonI
GdipCreateFont
GdipCreateBitmapFromFile
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipScaleWorldTransform
GdipDrawLine
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipCreateFontFamilyFromName
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipDeleteFont
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
GdipCreatePen1
GdipGetImageWidth
GdipDisposeImage

kernel32

ConvertDefaultLocale
GetCurrentThread
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetThreadLocale
WritePrivateProfileStringA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
EnumResourceLanguagesA
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
ExitProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
CreateFileW
GetACP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
lstrcmpA
GetModuleFileNameW
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
InterlockedDecrement
InterlockedIncrement
SetLastError
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
OutputDebugStringA
CopyFileA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualQuery
GetModuleFileNameA
MulDiv
LoadResource
SizeofResource
FindResourceA
LockResource
InterlockedExchange
WideCharToMultiByte
GetLastError
CompareStringA
lstrlenA
MultiByteToWideChar
GetVersion

user32

RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
IsWindowEnabled
GetWindowThreadProcessId
SetWindowTextA
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
WindowFromPoint
GetCursorPos
PostQuitMessage
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageA
UnregisterClassA
GetSysColorBrush
DestroyMenu
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
WinHelpA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowPos
DefWindowProcA
RegisterClassA
LoadIconA
GetWindowLongA
SetWindowLongA
ReleaseCapture
ClientToScreen
PostMessageA
ScreenToClient
CopyRect
SetCapture
GetDesktopWindow
IsWindow
LoadCursorA
MoveWindow
SetCursor
CallNextHookEx
ShowWindow
SetWindowsHookExA
SetParent
GetWindowRect
UnhookWindowsHookEx
FindWindowA
DeferWindowPos
EndDeferWindowPos
SendMessageW
SetRect
DestroyWindow
UpdateWindow
EnableWindow
SendMessageA
GetParent
InvalidateRect
DrawTextW
GetDC
WindowFromDC
ReleaseDC
GetClientRect
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetMenu
BeginDeferWindowPos

gdi32

GetTextExtentPoint32W
Rectangle
GetPixel
LineTo
SetBkMode
ExtCreatePen
Arc
CreateFontIndirectW
CreateFontA
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
MoveToEx
SetBkColor
SaveDC
RestoreDC
GetStockObject
CreateFontIndirectA
SetTextColor
CreatePen
CreateCompatibleDC
SetStretchBltMode
CreateDIBSection
StretchDIBits
GetClipBox
TextOutW
StretchBlt
DeleteObject
DeleteDC
SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
SelectObject

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegQueryValueExA

comctl32

_TrackMouseEvent

shlwapi

PathFindFileNameA
PathAppendA
PathRemoveFileSpecA
PathFindExtensionA

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantInit

Exports

Exports

CreateImageButton
CreateMainView
CreateShapeEle
CreateSubsButton
CreateTransView
CreateView
DestroyImageButton
DestroyMainView
DestroyShapeEle
DestroyView
_InitModule@4

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052f87e0c363809ee67c489218b1d1b6

Headers

File Characteristics

Imports

winmm

gdiplus

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 28KB - Virtual size: 25KB