ca71d03c82fa2ed78e461a9eb4bba335374d345c3594a2a7ea1a9f5286807510

Sharing

Copy URL Twitter E-mail

General

Target

ca71d03c82fa2ed78e461a9eb4bba335374d345c3594a2a7ea1a9f5286807510
Size

1.3MB
MD5

04a8a884e9673f8b2f758a2c68c9e18d
SHA1

dc35befe8e111ac33d876a9c61693c15ad7608a9
SHA256

ca71d03c82fa2ed78e461a9eb4bba335374d345c3594a2a7ea1a9f5286807510
SHA512

71027fd3b1070c6b275e259ea78650e62eee53fcdb02280f52f847ac751e4f55026b3bfb01e6a2b09aa72feb98ad6c1981cedcf5aea991456e4a2b9be6f95407
SSDEEP

24576:AtKcxrmoEOLPUUk//bksqjnhMgeiCl7G0nehbGZpbD:otCx//cDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca71d03c82fa2ed78e461a9eb4bba335374d345c3594a2a7ea1a9f5286807510

Files

ca71d03c82fa2ed78e461a9eb4bba335374d345c3594a2a7ea1a9f5286807510
.exe windows x64

23790ea59eecd19695f1b6f4acef5f2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDevice

d2d1

ord1

dwrite

DWriteCreateFactory

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
DecodePointer
CloseHandle
RaiseException
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
Sleep
CreateThread
SuspendThread
GetSystemPowerStatus
ResumeThread
WaitForMultipleObjectsEx
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
CreateFileW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
GetACP
IsValidCodePage
FindNextFileW
GetOEMCP
FindFirstFileExW
FindClose
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
SetEndOfFile
WriteConsoleW
GetCurrentProcessId
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
ExitProcess
GetCommandLineW
GetCommandLineA
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader

user32

GetClientRect
MoveWindow
QueryDisplayConfig
GetDisplayConfigBufferSizes
DestroyCursor
LoadCursorW
GetWindowRect
MessageBoxW
AdjustWindowRect
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
SetThreadDesktop
OpenInputDesktop
FindWindowW
CloseDesktop

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23790ea59eecd19695f1b6f4acef5f2c

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

d2d1

dwrite

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 305KB - Virtual size: 305KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 128KB - Virtual size: 137KB

.pdata Size: 16KB - Virtual size: 16KB

.rsrc Size: 146KB - Virtual size: 145KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 305KB - Virtual size: 305KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 128KB - Virtual size: 137KB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 146KB - Virtual size: 145KB

.reloc
Size: 568KB - Virtual size: 572KB