e82ce4ceabf3ca1815f06426f738c3e1acf4d957aced7f13889306345acc5f7a

Sharing

Copy URL

Twitter E-mail

General

Target

e82ce4ceabf3ca1815f06426f738c3e1acf4d957aced7f13889306345acc5f7a
Size

3.3MB
MD5

08d360d7bf86c8cb8b6a2b6e565a8029
SHA1

c0ffd517cafcf913455a8df0930aff8fc4153900
SHA256

e82ce4ceabf3ca1815f06426f738c3e1acf4d957aced7f13889306345acc5f7a
SHA512

a870b55508aa11e1a3135fbd81e2e2f25d261f79158daa111e825e39793d829aeab6eed0188f5adc278b835b0a83a0b91a4763541a8ae69312bcc7e06723bd80
SSDEEP

98304:NG/NQqBpP6QzJ3/4keTpEVH00YCoLs1AojzS0hDarSI8c:8/NnP5bVcLsZhDart8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e82ce4ceabf3ca1815f06426f738c3e1acf4d957aced7f13889306345acc5f7a

Files

e82ce4ceabf3ca1815f06426f738c3e1acf4d957aced7f13889306345acc5f7a
.dll windows x86

58084d868fdb31b9c81c669c51e72713

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bmplatform9

ReleaseBMObject
CreateBMObject

kernel32

GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
GetDriveTypeW
GetConsoleMode
GetConsoleCP
GetStdHandle
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
ExitProcess
GetFileType
SetStdHandle
SetEnvironmentVariableW
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
SwitchToThread
FormatMessageA
OutputDebugStringW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
SetCurrentDirectoryW
QueryPerformanceFrequency
CreateFileW
GetFileSizeEx
ReadFile
SetFilePointer
CloseHandle
GetLastError
GetModuleFileNameW
DecodePointer
RaiseException
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
GetCurrentProcessId
InitializeCriticalSectionEx
DeleteCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceW
lstrcpynW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleW
GetProcAddress
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetEvent
WaitForSingleObject
CreateEventW
GetCurrentThreadId
SetThreadPriority
SuspendThread
ResumeThread
OutputDebugStringA
GetCurrentThread
GetVersionExW
FreeLibrary
GetModuleHandleA
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
WriteConsoleW
DeleteFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetShortPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
LoadLibraryA
lstrcmpiW
MoveFileW
GetStringTypeExW
GetThreadLocale
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
CompareStringW
GlobalGetAtomNameW
GetAtomNameW
SystemTimeToFileTime
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
GlobalFlags
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetFileAttributesW
GetFileAttributesExW
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
SetFileTime
VirtualProtect
lstrcpyW
FindResourceExW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
Sleep
GetDiskFreeSpaceW
GetTempFileNameW
ReplaceFileW
GetUserDefaultLCID
LocalLock
LocalUnlock
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetDialogBaseUnits
LoadImageW
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
DestroyIcon
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoW
CopyImage
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
DrawStateW
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
CloseClipboard
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
SetClassLongW
SetWindowRgn
SetParent
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
UnregisterClassW
GetMenuStringW
PostThreadMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
CharUpperW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
OpenClipboard
SetClipboardData
BeginPaint
EmptyClipboard
InsertMenuW
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
SendMessageW
GetFocus
CheckMenuItem
SetMenuItemBitmaps
GetTabbedTextExtentW
GetDCEx
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
AdjustWindowRectEx
EnableMenuItem

gdi32

GetTextFaceW
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
DeleteMetaFile
CreateMetaFileW
CloseMetaFile
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
StretchDIBits
GetCharWidthW
CreateFontW
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutW
TextOutW
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
DeleteDC
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

RegEnumKeyW
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
SHGetMalloc
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathIsUNCW
StrFormatKBSizeW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW

uxtheme

GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

ole32

StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRegisterMessageFilter
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleLoad
OleSave
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject

oleaut32

SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SysAllocStringLen
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantClear
VariantCopy
VariantChangeType
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
VariantInit
SysStringByteLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
SysAllocString
SafeArrayUnlock
SysFreeString

oledlg

OleUIBusyW

sparce2raw

??0CSparce2Raw@@QAE@XZ
?GetImgSize@CSparce2Raw@@QAE_KPAX@Z
??1CSparce2Raw@@QAE@XZ

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

CreateBMAFramework
CreateXmlConfigParse

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 586KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58084d868fdb31b9c81c669c51e72713

Headers

DLL Characteristics

File Characteristics

Imports

bmplatform9

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

sparce2raw

gdiplus

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 586KB - Virtual size: 586KB

.data Size: 34KB - Virtual size: 54KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 206KB - Virtual size: 206KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 586KB - Virtual size: 586KB

.data
Size: 34KB - Virtual size: 54KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 206KB - Virtual size: 206KB