170f9aedf3c621248c46e81bbe477daa23f0e06fa3d2a290431dc8a477c13c52

Sharing

Copy URL Twitter E-mail

General

Target

170f9aedf3c621248c46e81bbe477daa23f0e06fa3d2a290431dc8a477c13c52
Size

2.1MB
MD5

e1deeebc25003286545d7257590d8019
SHA1

d85479261da4aa5ca874df88e0691f9645923203
SHA256

170f9aedf3c621248c46e81bbe477daa23f0e06fa3d2a290431dc8a477c13c52
SHA512

5a940788fed98d00eb05b0348188d556e1cf59241de61ae9b5dd45913374fcb9aa3c77704221f309af094425074e6109aa74cf408c202e9b11adc7319fbc4007
SSDEEP

49152:PWITd5AyHvnnzWMp58A8HSDG8LoAwRGXuf/bokCr37tOsn:xbnHvnqMt8oHoAmGXuf/bokCr37t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
170f9aedf3c621248c46e81bbe477daa23f0e06fa3d2a290431dc8a477c13c52

Files

170f9aedf3c621248c46e81bbe477daa23f0e06fa3d2a290431dc8a477c13c52
.dll windows x86

1fabb3fde1e2c2ac5855b6c69f04d8ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileW
SetFilePointer
SetFileTime
WriteFile
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
CreateThread
SetEvent
CreateEventW
SetThreadPriority
VirtualQuery
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemInfo
CloseHandle
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetVersionExW
GetFileAttributesW
WaitForSingleObject
FindClose
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
CreateDirectoryW
FreeLibrary
UnmapViewOfFile
LoadLibraryW
GetTickCount
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
InitializeCriticalSection
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetPrivateProfileStringW
DeleteFileW
ExitProcess
Sleep
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetFileSize
GetProcAddress
EnterCriticalSection
OutputDebugStringA
GetCurrentThread
GetModuleHandleA
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
ResumeThread
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalAddAtomW
lstrcpyW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
SetErrorMode
FormatMessageW
EncodePointer
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
CompareStringW
GetThreadLocale
LoadLibraryA
GlobalFindAtomW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
VirtualProtect
SearchPathW
GetProfileIntW
FindResourceExW
GetTempFileNameW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
GetModuleHandleExW
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
VirtualAlloc
QueryPerformanceFrequency
SetStdHandle
GetFileType
SetFilePointerEx
GetStdHandle
GetConsoleOutputCP
GetConsoleMode
HeapFree

user32

EndPaint
PostThreadMessageW
ShowWindow
GetDlgItem
CheckDlgButton
SetFocus
GetWindowTextLengthW
SetWindowLongW
IsDialogMessageW
CharNextW
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
EqualRect
IsChild
GetNextDlgGroupItem
GetNextDlgTabItem
GetTopWindow
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
AdjustWindowRectEx
MapWindowPoints
GetClassLongW
SetScrollInfo
GetScrollInfo
WinHelpW
GetSysColorBrush
DestroyIcon
CharUpperW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
GetAsyncKeyState
GetSystemMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
TabbedTextOutW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GrayStringW
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetClassLongW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
KillTimer
RealChildWindowFromPoint
GetClassNameW
PtInRect
ClientToScreen
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
DeleteMenu
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnhookWindowsHookEx
MonitorFromPoint
InflateRect
CopyRect
FillRect
GetSysColor
ScreenToClient
IsWindow
RegisterWindowMessageW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
PostQuitMessage
BeginPaint
wsprintfW
GetKeyState
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
GetPropW
CreateWindowExW
SendMessageW
RemovePropW
LoadStringW
GetActiveWindow
GetClassInfoW
SetTimer
RegisterClassW
SetPropW
LoadIconW
LoadCursorW
GetDesktopWindow
GetParent
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
ReleaseDC
MessageBoxW
UnregisterClassW
GetKeyboardState
ModifyMenuW

gdi32

CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
CreateHatchBrush
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
CreatePen
CreateDCW
CopyMetaFileW
GetObjectType
SetPixelV
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
CreateBitmap
GetTextFaceW
RestoreDC
GetTextExtentPoint32W
CreateFontIndirectW
BitBlt
CreateCompatibleBitmap
SelectObject
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
OffsetRgn
CreateRoundRectRgn
SetPixel
PatBlt
CombineRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetRgnBox
CreateRectRgnIndirect
GetTextColor
GetBkColor
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
GetDeviceCaps
GetStockObject
RealizePalette
StretchBlt
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetSpecialFolderPathW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFileInfoW

ole32

CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
DoDragDrop
OleGetClipboard
ReleaseStgMedium
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoCreateGuid

oleaut32

SysStringLen
SafeArrayDestroy
VarBstrFromDate
VariantClear
VariantChangeType
VariantCopy
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadTypeLi
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipSetInterpolationMode

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathFindFileNameW
StrFormatKBSizeW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW

uxtheme

GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetThemeSysColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

oledlg

OleUIBusyW

ws2_32

WSACleanup

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

Exports

Exports

CheckAutoRun
SetArParm

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fabb3fde1e2c2ac5855b6c69f04d8ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

msimg32

shlwapi

uxtheme

oledlg

ws2_32

oleacc

imm32

winmm

winspool.drv

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 352KB - Virtual size: 352KB

.data Size: 24KB - Virtual size: 42KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 147KB - Virtual size: 147KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 352KB - Virtual size: 352KB

.data
Size: 24KB - Virtual size: 42KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 147KB - Virtual size: 147KB