a9c624886fb21411c6c7d53ae527c0fe2a2732c6fb8528ca3f20d1dce3480204

Sharing

Copy URL Twitter E-mail

General

Target

a9c624886fb21411c6c7d53ae527c0fe2a2732c6fb8528ca3f20d1dce3480204
Size

12.7MB
MD5

2424c54b62b802610ee0c322b2d1c2a5
SHA1

0b113ebe9722af5846cd923db32906f37e2085ed
SHA256

a9c624886fb21411c6c7d53ae527c0fe2a2732c6fb8528ca3f20d1dce3480204
SHA512

ae242138be18765304dffd60663cd2e01b639d4c2f811cce857cd9c2b01e54d8f0a6e61863856495d8835022a28c253b4d0a4733302315f3ea36149774b0a0ce
SSDEEP

196608:EjUqXA6mI3Vl0buuUZtHUMJsv6tWKFdu9CLpEF/0:m3VlkWbUMJsv6tWKFdu9CI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9c624886fb21411c6c7d53ae527c0fe2a2732c6fb8528ca3f20d1dce3480204

Files

a9c624886fb21411c6c7d53ae527c0fe2a2732c6fb8528ca3f20d1dce3480204
.exe windows:6 windows x86

1bc7ca85974bee047b04b0e13668b52c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcef

cef_value_create
cef_process_message_create
cef_cookie_manager_get_global_manager
cef_v8value_create_undefined
cef_v8value_create_bool
cef_v8value_create_int
cef_v8value_create_function
cef_v8context_get_current_context
cef_string_utf8_to_utf16
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_v8value_create_string
cef_string_list_append
cef_string_ascii_to_utf16
cef_log
cef_string_wide_to_utf8
cef_get_min_log_level
cef_waitable_event_create
cef_shared_process_message_builder_create
cef_string_list_value
cef_string_list_size
cef_dictionary_value_create
cef_uriencode
cef_base64encode
cef_enable_highdpi_support
cef_shutdown
cef_initialize
cef_execute_process
cef_register_scheme_handler_factory
cef_register_extension
cef_post_task
cef_currently_on
cef_api_hash
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_request_create
cef_string_multimap_free
cef_string_multimap_alloc
cef_string_userfree_utf16_free
cef_browser_host_create_browser
cef_string_list_free
cef_string_list_alloc
cef_string_utf16_to_utf8
cef_string_utf16_cmp
cef_string_utf8_clear
cef_string_utf16_set
cef_string_utf16_clear

kernel32

GetACP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetStdHandle
SetFileAttributesW
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
GetStdHandle
SystemTimeToTzSpecificLocalTime
LoadLibraryExW
SetLastError
RtlUnwind
GetStringTypeW
GetCPInfo
LCMapStringEx
EncodePointer
GetOEMCP
Sleep
GetCommandLineW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetLongPathNameW
RemoveDirectoryW
CloseHandle
SetUnhandledExceptionFilter
GetLastError
CreateMutexW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
CopyFileW
MoveFileW
ReadFile
WriteFile
ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetOverlappedResult
WaitForSingleObject
CreateEventW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
InitOnceExecuteOnce
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
DecodePointer
RaiseException
InitializeCriticalSectionEx
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
VirtualFree
VirtualAlloc
ReleaseMutex
WriteConsoleW
GetFullPathNameW
GetExitCodeProcess
GetUserGeoID
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
LCMapStringW
CompareStringW
RegisterWaitForSingleObject
UnregisterWaitEx
SetFilePointerEx
SetEndOfFile
GetFileType
FlushFileBuffers
GetFileInformationByHandleEx
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
DeviceIoControl
SetErrorMode
GetVolumePathNamesForVolumeNameW
GetTempPathW
SetFileTime
GetLogicalDrives
GetFileInformationByHandle
GetFileAttributesW
GetCurrentDirectoryW
GetTickCount64
QueryPerformanceFrequency
GetFileAttributesExW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
WaitForMultipleObjects
DuplicateHandle
GetSystemDirectoryW
OutputDebugStringW
lstrcmpW
LocalFree
FormatMessageW
WTSGetActiveConsoleSessionId
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetUserDefaultLangID
GetFileSizeEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVolumeInformationW
GetDriveTypeW
GetConsoleWindow
ExitProcess
InitializeCriticalSection
CompareStringEx
GetSystemTime
GetLocalTime

user32

GetWindow
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
UnregisterClassW
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
FindWindowExA
GetClassInfoW
RegisterDeviceNotificationW
CharNextExA
KillTimer
CreateMenu
CreatePopupMenu
DestroyMenu
SetParent
GetParent
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetMenu
ReleaseCapture
DrawIconEx
MessageBoxW
ChangeWindowMessageFilterEx
GetWindowThreadProcessId
RegisterClassExW
GetFocus
GetCursorPos
WindowFromPoint
UnregisterDeviceNotification
ChildWindowFromPointEx
SetCapture
EnumWindows
GetPropW
IsIconic
ShowWindow
SetForegroundWindow
MoveWindow
GetWindowRect
RealGetWindowClassW
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
EnumDisplayDevicesW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
GetSystemMetrics
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
InsertMenuW

advapi32

RegCloseKey
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
SystemFunction036
RegOpenKeyExW
RegQueryValueExW

shlwapi

PathRemoveFileSpecW
PathRemoveExtensionW
PathCombineW

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

uxtheme

GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemeColor
IsThemeBackgroundPartiallyTransparent
OpenThemeData
GetThemeBool
SetWindowTheme
IsThemeActive
IsAppThemed
GetCurrentThemeName
GetThemeBackgroundRegion
GetThemePartSize

dwmapi

DwmIsCompositionEnabled
DwmGetWindowAttribute
DwmSetWindowAttribute
DwmEnableBlurBehindWindow

imm32

ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmNotifyIME
ImmGetVirtualKey

userenv

GetUserProfileDirectoryW

netapi32

NetApiBufferFree
NetShareEnum

oleaut32

SysFreeString
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString

shell32

SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetKnownFolderIDList
ShellExecuteW
ShellExecuteExW
ord75
SHGetFileInfoW
SHGetStockIconInfo
ord727
SHGetPathFromIDListW
SHCreateItemFromIDList
SHCreateItemFromParsingName
SHGetMalloc
SHGetKnownFolderPath

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

winmm

timeSetEvent
timeKillEvent
PlaySoundW

ws2_32

WSAStartup
WSACleanup
WSAAsyncSelect

gdi32

SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
ExtTextOutW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
GetDIBits
GetGlyphOutlineW

ole32

RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoUninitialize
CoInitializeEx
CoInitialize
OleSetClipboard
OleGetClipboard
CoLockObjectExternal
OleIsCurrentClipboard
CoCreateInstance
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
StringFromGUID2
OleFlushClipboard

Sections

.text
Size: 8.6MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bc7ca85974bee047b04b0e13668b52c

Headers

DLL Characteristics

File Characteristics

Imports

libcef

kernel32

user32

advapi32

shlwapi

wtsapi32

uxtheme

dwmapi

imm32

userenv

netapi32

oleaut32

shell32

version

winmm

ws2_32

gdi32

ole32

Sections

.text Size: 8.6MB - Virtual size: 8.6MB

.rdata Size: 3.3MB - Virtual size: 3.3MB

.data Size: 110KB - Virtual size: 184KB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

_RDATA Size: 49KB - Virtual size: 49KB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 295KB - Virtual size: 294KB

.text
Size: 8.6MB - Virtual size: 8.6MB

.rdata
Size: 3.3MB - Virtual size: 3.3MB

.data
Size: 110KB - Virtual size: 184KB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

_RDATA
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 295KB - Virtual size: 294KB