2fb9b52306b9a2dfaf925cb2f759f3fda008fc8a73224321d05fe08e397ba737

Sharing

Copy URL Twitter E-mail

General

Target

2fb9b52306b9a2dfaf925cb2f759f3fda008fc8a73224321d05fe08e397ba737
Size

1.9MB
MD5

8cdfd2c3a29b9323fb9611de12adf496
SHA1

f7bfb87cef1424f564689ee36ac605f0406e71ce
SHA256

2fb9b52306b9a2dfaf925cb2f759f3fda008fc8a73224321d05fe08e397ba737
SHA512

bed92f8678b99d24bd5afac5d5d9746d92b61dc084bc09692ec221de566039d5fbd8ed7bdf139912110746ca11d5a20c5bb63a61e1a49ef1aa512da2e2e5b1f6
SSDEEP

49152:D5sSZHUzcHjDmBeltWKoAJXJtPC8y61AXWXiBfgpkFe1m2SSt1JLlm74ZVdIYC5z:D/UQHjDmBefWKosX7py61AXWXiBfgjmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb9b52306b9a2dfaf925cb2f759f3fda008fc8a73224321d05fe08e397ba737

Files

2fb9b52306b9a2dfaf925cb2f759f3fda008fc8a73224321d05fe08e397ba737
.dll windows x86

7090cca6f6b4ea8e9163aeef82ee2ae4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

kernel32

GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
GetConsoleMode
GetLocaleInfoW
GetTimeZoneInformation
GetDriveTypeW
GetStringTypeW
WriteConsoleW
GetProcessHeap
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEnvironmentVariableA
GetConsoleCP
LCMapStringW
GetEnvironmentStringsW
IsProcessorFeaturePresent
SizeofResource
LockResource
LoadResource
FindResourceW
CompareStringW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
lstrcatA
MulDiv
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetModuleHandleA
GetProcAddress
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
lstrcpyA
FreeLibrary
GetWindowsDirectoryA
DeviceIoControl
CloseHandle
CreateFileA
OutputDebugStringA
GlobalFree
GlobalAlloc
CreateMutexA
CreateEventA
ResetEvent
ReleaseMutex
ReadFile
GetOverlappedResult
WriteFile
WaitForSingleObject
GetTickCount
GetModuleFileNameA
Sleep
SetEvent
WaitForMultipleObjects
FindClose
FindFirstFileA
UnmapViewOfFile
CancelIo
MapViewOfFile
CreateFileMappingA
FlushViewOfFile
HeapQueryInformation
HeapSize
ExitProcess
GetFileType
SetStdHandle
CreateThread
ExitThread
GetCommandLineA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
FindFirstFileExA
GetDriveTypeA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RtlUnwind
RaiseException
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetCurrentThreadId
SleepEx
QueryPerformanceCounter
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
GetCurrentDirectoryA
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
GetModuleHandleW
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
lstrcmpiA
SuspendThread
ResumeThread
SetThreadPriority
FileTimeToLocalFileTime
FindNextFileA
lstrcmpA
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
CopyFileA
GlobalSize
GlobalLock
GlobalUnlock
lstrlenW
GetPrivateProfileStringA
FormatMessageA
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
lstrcpynA

user32

CharUpperBuffA
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
SetClassLongA
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadMenuA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
CopyImage
HideCaret
InvertRect
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
NotifyWinEvent
MessageBeep
SetWindowRgn
GetSystemMenu
LoadMenuW
DeleteMenu
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
UnregisterClassA
ShowOwnedPopups
PostQuitMessage
CharUpperA
GetMessageA
ValidateRect
DestroyMenu
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
WindowFromPoint
IntersectRect
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
CheckDlgButton
GetWindowDC
LoadIconW
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
PostThreadMessageA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
GetScrollPos
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
SetWindowPos
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
RegisterDeviceNotificationA
GetAsyncKeyState
SetWindowLongA
IsIconic
LoadIconA
DestroyCaret
ShowCaret
SetCaretPos
CreateCaret
GrayStringA
DrawTextExA
LoadCursorA
IsRectEmpty
PtInRect
OffsetRect
SendMessageA
DrawTextA
TabbedTextOutA
SetScrollPos
BringWindowToTop
RegisterWindowMessageA
DrawIcon
ShowScrollBar
LockWindowUpdate
ClientToScreen
SetForegroundWindow
GetWindowLongA
GetClassInfoA
DefWindowProcA
GetFocus
ReleaseDC
TranslateMessage
WaitMessage
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetWindowRgn
ShowWindow
IsWindowVisible
SendMessageTimeoutA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
MessageBoxA
PostMessageA
IsClipboardFormatAvailable
InsertMenuA
MapDialogRect
SubtractRect
GetDoubleClickTime
GetUpdateRect
CreateMenu
SetPropA
GetClientRect
BeginPaint
EndPaint
UpdateWindow
InvalidateRect
GetParent
IsWindow
GetMenu
SystemParametersInfoA
EnableWindow
DrawFrameControl
GetSysColorBrush
GetSysColor
SetRect
InflateRect
DrawEdge
GetWindowRect
GetCapture
SetCapture
ReleaseCapture
GetMessagePos
GetSystemMetrics
CopyRect
DrawFocusRect
RedrawWindow
FrameRect
LoadBitmapW
SetRectEmpty
FillRect
IsChild
GetCursorPos
SetTimer
KillTimer
SetCursor
DestroyCursor
CopyIcon
DrawStateA
GetDC
GetDesktopWindow
GetIconInfo
LoadImageA
DestroyIcon
DrawIconEx
GetWindow
ScreenToClient
GetKeyState
CreatePopupMenu
LoadAcceleratorsA

gdi32

SelectClipRgn
CreateRectRgn
DeleteDC
SetPixel
CreatePatternBrush
GetBkColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
DPtoLP
LPtoDP
GetCurrentObject
PtVisible
RectVisible
TextOutA
Escape
CreateDIBSection
CreateFontA
CopyMetaFileA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetLayout
SetLayout
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateDIBitmap
CreateRoundRectRgn
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
OffsetRgn
GetRgnBox
SetDIBColorTable
StretchBlt
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceA
LineTo
DeleteObject
GetPixel
CreateSolidBrush
CreateBitmap
GetStockObject
Polygon
GetTextMetricsA
ExtTextOutA
CreateDCA
GetObjectA
GetTextExtentPoint32A
SetBrushOrgEx
SetTextColor
SetBkColor
Rectangle
RealizePalette
GetDeviceCaps
CreatePalette
CreatePen
BitBlt
PatBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetTextCharsetInfo
EnumFontFamiliesA
ExtSelectClipRgn
CreateFontIndirectA

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA
RegEnumKeyA

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetPathFromIDListA

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFileExistsA

ole32

RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateGuid
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
DoDragDrop
CoTaskMemFree

oleaut32

VarBstrFromDate
VariantInit
SysAllocStringLen
VarDateFromStr
SysFreeString
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

AG_AllReg
AG_BpInfo
AG_BreakFunc
AG_GoStep
AG_HistFunc
AG_Init
AG_MemAcc
AG_MemAtt
AG_RegAcc
AG_Serial
DllUv3Cap
EnumUv351

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7090cca6f6b4ea8e9163aeef82ee2ae4

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

hid

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 307KB - Virtual size: 307KB

.data Size: 27KB - Virtual size: 328KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 198KB - Virtual size: 198KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 307KB - Virtual size: 307KB

.data
Size: 27KB - Virtual size: 328KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 198KB - Virtual size: 198KB