my_method1
Static task: static1
Behavioral task: behavioral1
Sample: d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed.dll
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed.dll
Resource: win10v2004-20230824-en
General
Target: d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed
Size: 6.4MB
MD5: 654450ab0df0f09260c19436a33f45e4
SHA1: a0c650b39f904c256a32bf1ee9e32a65e222dd09
SHA256: d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed
SHA512: e8db7ef025ff6e89638db0c18833a7d8ecb2f7909c404b10eb10f525ca06184f3d017a6af7a1d1df8f4fe5566f8ce7b34da4baa451d9c19d8d76f090b5635f92
SSDEEP: 98304:mZosk2nArwnhhgT6zAPUCJbuDB11eAafgH4Ojh3F6xRGrFAp091VagqTKmOVW9:Wk25kTeAPUC8z1euLh3MspBVzE9
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed
Files
-
d6e583cce897f5dc029295797ecf509770d69290c9328f389a838cd157498eed.dll windows x64
7bfef10b962386573ecb94fefdfa32ea
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_DLL
Imports
kernel32
GetVolumeInformationW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
SetThreadPriority
VirtualQuery
WideCharToMultiByte
CopyFileW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
GetCurrentThreadId
GetFileAttributesW
WaitForSingleObject
FindClose
GetModuleFileNameW
TerminateProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
ExitProcess
FreeResource
InitializeCriticalSection
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
FindResourceW
LoadResource
LockResource
SizeofResource
Process32NextW
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
Sleep
DeleteFileW
CreateFileW
GetProcessHeap
DeleteCriticalSection
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualAlloc
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
RaiseException
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetTempFileNameW
GetProfileIntW
GetTempPathW
SearchPathW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FindResourceExW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
GetFileSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
FlushFileBuffers
VirtualProtect
LocalFree
FormatMessageW
OutputDebugStringA
EncodePointer
GetModuleHandleW
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CompareStringW
GetCurrentProcessId
GetCurrentThread
lstrcmpA
GetTickCount64
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetThreadLocale
lstrcpyW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
GlobalGetAtomNameW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
user32
SetCursor
AdjustWindowRectEx
PeekMessageW
MessageBoxW
GetKeyState
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
RemoveMenu
RegisterWindowMessageW
DispatchMessageW
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetMenu
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
ScreenToClient
SendMessageW
EqualRect
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetTopWindow
GetLastActivePopup
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
ShowWindow
CheckDlgButton
SetWindowTextW
IsDialogMessageW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadMenuW
GetKeyNameTextW
InvalidateRect
PostQuitMessage
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ShowOwnedPopups
CharNextW
CreateDialogIndirectParamW
EndDialog
DrawFocusRect
NotifyWinEvent
SendDlgItemMessageA
SetRectEmpty
GetMenuItemInfoW
InflateRect
SystemParametersInfoW
MonitorFromPoint
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
PostThreadMessageW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
CharUpperW
TrackMouseEvent
BringWindowToTop
LoadAcceleratorsW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
ModifyMenuW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LockWindowUpdate
SetClassLongPtrW
DrawEdge
DrawFrameControl
DrawIconEx
UnionRect
GetIconInfo
GetMenuDefaultItem
EnableScrollBar
HideCaret
InvertRect
SetCursorPos
CopyIcon
FrameRect
CharUpperBuffW
UpdateLayeredWindow
SetMenuDefaultItem
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
GetComboBoxInfo
DestroyCursor
GetWindowRgn
EnableWindow
UnregisterClassW
MapVirtualKeyW
MapWindowPoints
ReleaseDC
DestroyIcon
SetWindowLongW
IsZoomed
SetRect
GetWindowLongW
GetSystemMenu
GetWindow
GetFocus
DestroyWindow
IsWindowVisible
SetWindowPos
SetWindowRgn
FillRect
MessageBeep
WindowFromPoint
GetScrollPos
DrawIcon
OffsetRect
GetCapture
SetTimer
RedrawWindow
GetScrollRange
CopyRect
GetDlgCtrlID
ClientToScreen
GetSysColor
IsWindowEnabled
SetMenu
WinHelpW
LoadBitmapW
IsRectEmpty
IntersectRect
SetFocus
GetClassNameW
SetParent
SetCapture
SetScrollRange
KillTimer
SetScrollPos
PtInRect
UpdateWindow
ReleaseCapture
IsIconic
GetNextDlgTabItem
PostMessageW
DeleteMenu
CreatePopupMenu
TrackPopupMenu
GetSubMenu
IsWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
DestroyMenu
TranslateAcceleratorW
InsertMenuW
AppendMenuW
CreateMenu
GetCursorPos
wsprintfW
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
GetParent
SetForegroundWindow
CopyImage
DefWindowProcW
CreateWindowExW
LoadStringW
GetActiveWindow
GetClassInfoW
RegisterClassW
LoadIconW
LoadCursorW
GetDesktopWindow
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
gdi32
GetLayout
GetWindowExtEx
SetPixel
CreateHatchBrush
GetWindowOrgEx
CreatePatternBrush
GetPixel
CreateBitmap
CombineRgn
GetViewportOrgEx
PatBlt
CreateRoundRectRgn
GetTextMetricsW
CreateRectRgn
CreatePen
Rectangle
Ellipse
CreateSolidBrush
CreateEllipticRgn
RoundRect
CopyMetaFileW
GetTextExtentPoint32W
CreateFontIndirectW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
CreateDCW
CreateCompatibleDC
StretchBlt
RealizePalette
GetStockObject
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
CreatePalette
GetObjectW
SetStretchBltMode
DeleteObject
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetTextColor
SetDIBColorTable
SetLayout
SetMapMode
FillRgn
SetBkMode
SetPixelV
GetTextFaceW
PtInRegion
GetBoundsRect
FrameRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
Polyline
Polygon
CreatePolygonRgn
OffsetRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetRgnBox
DPtoLP
SetRectRgn
GetMapMode
GetTextColor
GetBkColor
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
advapi32
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueW
RegCreateKeyExW
shell32
SHGetFileInfoW
SHAppBarMessage
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
Shell_NotifyIconW
ShellExecuteW
DragFinish
SHBrowseForFolderW
ole32
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
DoDragDrop
OleGetClipboard
OleLockRunning
CoGetClassObject
RegisterDragDrop
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
CoDisconnectObject
CoLockObjectExternal
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
IsAccelerator
oleaut32
VariantClear
VariantChangeType
VarBstrFromDate
SysStringLen
SysAllocStringLen
VariantCopy
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadTypeLi
VariantInit
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
comctl32
ImageList_Create
InitCommonControlsEx
ImageList_AddMasked
ImageList_Destroy
msimg32
TransparentBlt
AlphaBlend
uxtheme
CloseThemeData
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
IsAppThemed
GetThemePartSize
OpenThemeData
oledlg
OleUIBusyW
gdiplus
GdipCloneImage
GdipGetImagePaletteSize
GdipGetImageHeight
GdiplusStartup
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipDrawImageI
GdiplusShutdown
GdipCreateFromHDC
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipDrawImageRectI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
shlwapi
PathFindFileNameW
PathIsUNCW
StrFormatKBSizeW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
Exports
Sections
.text Size: 1.9MB - Virtual size: 1.9MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 587KB - Virtual size: 587KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 70KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata Size: 94KB - Virtual size: 93KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc Size: 24.9MB - Virtual size: 24.9MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 63KB - Virtual size: 62KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ