c4a0a6b12686375d6d71190477b345c8d932989f313520398ba1ac5e90f84994

Sharing

Copy URL

Twitter E-mail

General

Target

c4a0a6b12686375d6d71190477b345c8d932989f313520398ba1ac5e90f84994
Size

4.1MB
MD5

4b954688276de8eed9ab4ec6905bfcf2
SHA1

9a7d928e223579450273712694944710b6c0267e
SHA256

c4a0a6b12686375d6d71190477b345c8d932989f313520398ba1ac5e90f84994
SHA512

b1703c53c1e55198097ce454e8d293e66f2c048efa6d917d8db13ca9f3d084ddf40441e1125f0441c8c6d99ee3d2f06b1758f757d7f51fd28e70c403dd4a8755
SSDEEP

98304:Mo6dBbxsWvMJeBo80FphLsQGiHhvTrEOMZ:Mo6dBStp6g5TrEO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4a0a6b12686375d6d71190477b345c8d932989f313520398ba1ac5e90f84994

Files

c4a0a6b12686375d6d71190477b345c8d932989f313520398ba1ac5e90f84994
.dll windows x86

a111093a6060b73f4a370072f816409a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleMode
GetConsoleCP
CompareStringW
GetTimeZoneInformation
GetStringTypeW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
SetHandleCount
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
WideCharToMultiByte
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
SetEnvironmentVariableA
RaiseException
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetWindowsDirectoryA
GetOEMCP
GetCPInfo
GetACP
lstrcpyA
GlobalFlags
GetCurrentDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
FileTimeToSystemTime
CreateFileW
WriteConsoleW
VirtualAlloc
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleW
FreeLibrary
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ActivateActCtx
LoadLibraryA
DeactivateActCtx
CreateFileA
lstrcmpiA
GetLastError
SetLastError
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
FreeResource
GetTempPathA
GetModuleHandleA
GetTempFileNameA
GlobalFree
GetProcAddress
GlobalUnlock
MultiByteToWideChar
GlobalAlloc
GlobalLock
FindResourceA
DeleteFileA
Sleep
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource

user32

DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
CharUpperBuffA
CopyIcon
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
FrameRect
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
RedrawWindow
GetSystemMenu
LoadMenuW
DestroyIcon
IsIconic
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
RealChildWindowFromPoint
DeleteMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
IntersectRect
InflateRect
RegisterWindowMessageA
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
TranslateMDISysAccel
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
PtInRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetClassNameA
UpdateWindow
FillRect
DrawStateA
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetWindowsHookExA
CallNextHookEx
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
GetWindowRgn
DrawIcon
GetMessageA
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
MapDialogRect
DestroyCursor
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
GetClassLongA
IsCharLowerA
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
PostQuitMessage
CharUpperA
GetSystemMetrics
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadBitmapA
SetCursor
LoadCursorW
GetDesktopWindow
IsWindowVisible
GetParent
GetWindowLongA
EnableWindow
MessageBoxA
InvalidateRect
GetWindow
PostMessageA
KillTimer
SetTimer
OffsetRect
ReleaseDC
GetDC
GetClientRect
GetWindowRect
DispatchMessageA
TranslateMessage
PeekMessageA
IsWindow
SendMessageA
SetWindowRgn

gdi32

CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
CreateRoundRectRgn
CreateDIBSection
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
GetPixel
GetWindowExtEx
StretchBlt
CreatePen
GetViewportExtEx
GetObjectType
PtVisible
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
SetPixel
CreateCompatibleDC
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateSolidBrush
CreateBitmap
CreateDCA
CopyMetaFileA
DeleteDC
GetDeviceCaps
CreateDCW
DeleteObject
GetObjectA
CreateFontIndirectA
GetStockObject
BitBlt
CreateCompatibleBitmap
RectVisible

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegQueryValueA

shell32

DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragFinish
SHAppBarMessage
SHGetSpecialFolderLocation

comctl32

_TrackMouseEvent
ImageList_GetIconSize

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW

ole32

DoDragDrop
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
ReleaseStgMedium
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid
CoTaskMemFree
CreateStreamOnHGlobal
OleDuplicateData

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdiplusShutdown
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipAlloc
GdipLoadImageFromFile
GdipFree
GdipLoadImageFromStream
GdipDrawImageRect
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipDrawImageI

wininet

InternetQueryOptionA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpOpenRequestA

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Exports

Exports

SetupSetProgress
SetupShowMainWnd
testui

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a111093a6060b73f4a370072f816409a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

wininet

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 275KB - Virtual size: 275KB

.data Size: 22KB - Virtual size: 51KB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 169KB - Virtual size: 169KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 275KB - Virtual size: 275KB

.data
Size: 22KB - Virtual size: 51KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 169KB - Virtual size: 169KB