979a2830dc2f1c2eb857686ccd9179f1c0328ec3a618fba9c320b3ef2fec996e

Sharing

Copy URL Twitter E-mail

General

Target

979a2830dc2f1c2eb857686ccd9179f1c0328ec3a618fba9c320b3ef2fec996e
Size

7.7MB
MD5

b6432ded1260342d523545d4d44c6339
SHA1

d61f90af3ce0f4570db9aba2947403b2c26dc31d
SHA256

979a2830dc2f1c2eb857686ccd9179f1c0328ec3a618fba9c320b3ef2fec996e
SHA512

289f2f77f1d2fecfc0aaa81e57215f7de62391b25a8fd61854985d3475aa469765b6628d3e921fcae4ae7bdecd5f11cab68d11faf84d8c21a6d0caa33178004f
SSDEEP

49152:sPdY0v9cNMtXraGhqdTNOlbF0lUS25C1bUINl2ah5ve7qzY9PVCHMEuqGjtHzMYh:4VztK3KCDZXVuNb4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
979a2830dc2f1c2eb857686ccd9179f1c0328ec3a618fba9c320b3ef2fec996e

Files

979a2830dc2f1c2eb857686ccd9179f1c0328ec3a618fba9c320b3ef2fec996e
.exe windows x64

bc32d7b7e166d196272ce44fbc60f245

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

wglMakeCurrent
wglCreateContext
wglShareLists
wglGetProcAddress
wglGetCurrentDC
wglGetCurrentContext
wglDeleteContext

shlwapi

AssocQueryStringW

kernel32

GlobalSize
GlobalLock
AcquireSRWLockShared
ReleaseSRWLockShared
SetThreadErrorMode
GetModuleFileNameW
FreeLibrary
RtlVirtualUnwind
IsDebuggerPresent
LoadLibraryW
UnhandledExceptionFilter
ReleaseSRWLockExclusive
SetUnhandledExceptionFilter
GetProcessHeap
HeapAlloc
HeapFree
WaitForSingleObject
GetProcAddress
LoadLibraryA
LoadLibraryExW
GlobalUnlock
GetLastError
FormatMessageW
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
CreateThread
Sleep
WriteConsoleW
AcquireSRWLockExclusive
GetFileAttributesW
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
CreateNamedPipeW
CloseHandle
GetFullPathNameW
ExitProcess
GetModuleHandleW
GetConsoleMode
GetCurrentThreadId
FindFirstFileW
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
CreateMutexA
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetModuleHandleA
WaitForSingleObjectEx
HeapReAlloc
QueryPerformanceFrequency
FreeEnvironmentStringsW
QueryPerformanceCounter
ReleaseMutex
FindClose
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
InitializeSListHead
TryAcquireSRWLockExclusive
DuplicateHandle
GetExitCodeProcess
ReadFileEx
SleepEx
WriteFileEx
GetCurrentProcessId
GetStdHandle
IsProcessorFeaturePresent

user32

ClipCursor
GetClipCursor
ShowCursor
GetWindowRect
GetKeyState
SetForegroundWindow
SendInput
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
SetWindowDisplayAffinity
FlashWindowEx
DestroyWindow
InvalidateRgn
SetWindowPlacement
ChangeDisplaySettingsExW
SetWindowTextW
SetWindowPos
EnumDisplayMonitors
GetForegroundWindow
AdjustWindowRectEx
GetWindowLongW
SetWindowLongW
EnableMenuItem
ShowWindow
SystemParametersInfoA
MapVirtualKeyA
SetCapture
RegisterWindowMessageA
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
PostThreadMessageW
SetWindowLongPtrW
ReleaseCapture
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
GetCursorPos
IsIconic
DefWindowProcW
GetClientRect
MonitorFromRect
GetWindowLongPtrW
TrackMouseEvent
GetMenu
CreateWindowExW
RegisterClassExW
RegisterTouchWindow
CreateIconFromResourceEx
SendMessageW
GetSystemMetrics
GetActiveWindow
GetRawInputData
IsProcessDPIAware
CreateIcon
GetSystemMenu
DestroyIcon
SetPropW
GetPropW
CallWindowProcW
RemovePropW
ReleaseDC
RedrawWindow
RegisterClipboardFormatW
MonitorFromPoint
SetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
GetClipboardData
ClientToScreen
GetClassInfoExW
GetClassNameW
GetWindowPlacement
GetDC
GetUpdateRect
ValidateRect
GetMonitorInfoW
MonitorFromWindow
SetCursor
LoadCursorW
ScreenToClient
CloseTouchInputHandle
GetTouchInputInfo

gdi32

SwapBuffers
SetPixelFormat
GetDeviceCaps
DeleteObject
DescribePixelFormat
ChoosePixelFormat
CreateRectRgn

ole32

OleInitialize
RegisterDragDrop
CoUninitialize
RevokeDragDrop
CoInitializeEx
CoCreateInstance

dwmapi

DwmEnableBlurBehindWindow

shell32

DragFinish
DragQueryFileW

oleaut32

SysFreeString
SafeArrayCreateVector
GetErrorInfo
SafeArrayPutElement
SysAllocStringLen
SysStringLen
SetErrorInfo

uiautomationcore

UiaReturnRawElementProvider
UiaGetReservedNotSupportedValue
UiaRaiseAutomationPropertyChangedEvent
UiaRaiseAutomationEvent
UiaLookupId
UiaHostProviderFromHwnd

winmm

timeBeginPeriod
timeGetDevCaps
timeEndPeriod

uxtheme

SetWindowTheme

imm32

ImmGetCompositionStringW
ImmGetContext
ImmAssociateContextEx
ImmSetCandidateWindow
ImmReleaseContext

advapi32

SystemFunction036

ntdll

NtWriteFile
RtlNtStatusToDosError

bcrypt

BCryptGenRandom

vcruntime140

__current_exception_context
__CxxFrameHandler3
memcpy
memset
memcmp
memmove
_CxxThrowException
__C_specific_handler
__current_exception

api-ms-win-crt-math-l1-1-0

truncf
ceil
pow
sinf
floorf
roundf
trunc
floor
ceilf
expf
atan2f
_hypotf
cosf
round
acosf
cbrtf
log10
__setusermatherr
powf

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
_configure_narrow_argv
_initterm_e
exit
_exit
_initterm
_get_initial_narrow_environment
terminate
_crt_atexit
__p___argc
_register_onexit_function
__p___argv
_initialize_onexit_table
_cexit
_initialize_narrow_environment
_c_exit
_register_thread_local_exe_atexit_callback

api-ms-win-crt-string-l1-1-0

strlen
wcslen

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc32d7b7e166d196272ce44fbc60f245

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

shlwapi

kernel32

user32

gdi32

ole32

dwmapi

shell32

oleaut32

uiautomationcore

winmm

uxtheme

imm32

advapi32

ntdll

bcrypt

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4.8MB - Virtual size: 4.8MB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.data Size: 3KB - Virtual size: 3KB

.pdata Size: 341KB - Virtual size: 341KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 4.8MB - Virtual size: 4.8MB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 3KB - Virtual size: 3KB

.pdata
Size: 341KB - Virtual size: 341KB

.reloc
Size: 17KB - Virtual size: 16KB