Static task
static1
Behavioral task
behavioral1
Sample
41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a.exe
Resource
win10v2004-20230915-en
General
Target
41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a
Size
5.1MB
MD5
85726efc395c3488e07aee47b093f3e2
SHA1
f00f657ee713d123862978168f7e6ebb2a67b736
SHA256
41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a
SHA512
28dc7612a133b9f319f47bb75e3930d2219807c38938e9fab0e08bd917fbcce845029be98425e55f593576ed81db1bf54eae4d75df4283367d0d1e4875a8abf0
SSDEEP
98304:RecOgxF1+FmRjoUx8dRevbLNEOI58aKymoj9ghi1RebMIg9Cbk/Vp:oYxF1kUF1u58aK/ojDIg9Cbk/Vp
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a
Files
41a8f4ad6a42a34d0b619e117c97f173eb6357c7d30f692732a9b32f0dc01d0a.exe windows:5 windows x86
041f4e1fb835235f87473bee0296b5d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libcef
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_enable_highdpi_support
cef_shutdown
cef_initialize
cef_execute_process
cef_log
cef_string_multimap_alloc
cef_string_multimap_free
cef_string_list_copy
cef_string_utf16_cmp
cef_string_map_free
cef_post_task
cef_string_list_free
cef_string_list_alloc
cef_string_userfree_utf16_free
cef_string_map_alloc
cef_process_message_create
cef_v8value_create_function
cef_browser_host_create_browser
cef_api_hash
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_list_append
cef_string_list_value
cef_string_list_size
cef_string_utf8_clear
cef_string_utf8_to_utf16
cef_string_utf16_to_utf8
cef_string_utf16_clear
cef_string_utf16_set
kernel32
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetFileAttributesW
GetFileSize
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
MoveFileW
GetThreadLocale
GlobalGetAtomNameW
FileTimeToSystemTime
GetTempFileNameW
GetTempPathW
VirtualProtect
Sleep
GetTickCount
GetProfileIntW
SearchPathW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryW
FindResourceExW
GetUserDefaultLCID
ResetEvent
GetSystemDirectoryW
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedExchange
InterlockedExchangeAdd
InterlockedCompareExchange
SetWaitableTimer
CreateWaitableTimerW
InterlockedDecrement
WaitForMultipleObjects
GetQueuedCompletionStatus
PostQueuedCompletionStatus
TerminateThread
QueueUserAPC
SleepEx
InterlockedIncrement
FormatMessageA
CreateIoCompletionPort
OpenProcess
GetSystemInfo
CreateProcessW
OutputDebugStringW
TryEnterCriticalSection
QueryPerformanceFrequency
GetExitCodeThread
GetStringTypeW
FindFirstFileExW
FindNextFileW
GetFileInformationByHandle
SetFilePointerEx
LCMapStringW
GetCPInfo
EncodePointer
VerifyVersionInfoW
TlsGetValue
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalFree
GlobalUnlock
FreeResource
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThread
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
WaitForSingleObjectEx
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
ReadConsoleW
GetConsoleMode
MoveFileExW
RemoveDirectoryW
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SetEnvironmentVariableA
SizeofResource
SetUnhandledExceptionFilter
lstrcpyW
GetProcessHeap
GetCurrentProcessId
GetLocalTime
HeapAlloc
CloseHandle
HeapReAlloc
lstrcatW
HeapSize
GetCurrentThreadId
CreateFileW
SetErrorMode
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
EnterCriticalSection
HeapFree
CreateDirectoryW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetACP
ExitProcess
GetStdHandle
GetFileType
TlsAlloc
InitializeCriticalSection
VerSetConditionMask
GlobalFindAtomW
SetStdHandle
HeapQueryInformation
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
VirtualAlloc
VirtualQuery
user32
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
HideCaret
InvertRect
FindWindowW
SwitchToThisWindow
RegisterClassExW
GetAncestor
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetRect
SetCursorPos
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
LoadMenuW
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
CharUpperW
TrackMouseEvent
CopyImage
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
IntersectRect
GetMenuItemInfoW
DestroyMenu
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
DrawMenuBar
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
UpdateLayeredWindow
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
InvalidateRect
UpdateWindow
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
LoadBitmapW
SetMenuItemInfoW
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
SubtractRect
GetKeyNameTextW
CreateAcceleratorTableW
LoadAcceleratorsW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
MapDialogRect
GetWindow
SetWindowContextHelpId
UnhookWindowsHookEx
PtInRect
ScreenToClient
ClientToScreen
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
DrawIconEx
GetParent
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
RedrawWindow
SetWindowRgn
DrawStateW
GetFocus
DrawFrameControl
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
ScrollWindow
CharNextW
DrawEdge
RegisterWindowMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowLongW
GetSystemMenu
GetWindowRect
SetWindowPos
SendMessageW
GetSystemMetrics
DrawIcon
LoadIconW
SetWindowLongW
GetClientRect
IsZoomed
AppendMenuW
GetDesktopWindow
IsIconic
EnableWindow
PostMessageW
UnregisterClassW
SendDlgItemMessageA
RealChildWindowFromPoint
WaitMessage
GetUpdateRect
IsChild
SetClassLongW
GetMenuCheckMarkDimensions
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenServiceW
StartServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
ole32
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoInitializeEx
OleRun
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
shell32
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
SHGetFolderPathW
SHGetSpecialFolderPathW
SHChangeNotify
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
oleaut32
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VariantInit
VariantClear
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
LoadTypeLib
GetErrorInfo
VarBstrFromDate
shlwapi
PathRemoveFileSpecW
PathAddBackslashW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
StrFormatKBSizeW
gdi32
EnumFontFamiliesExW
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
GetRgnBox
Rectangle
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
DPtoLP
SetRectRgn
GetMapMode
GetTextCharsetInfo
EnumFontFamiliesW
CreateFontIndirectW
CreateDIBitmap
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
CreateCompatibleBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
ExtFloodFill
GetSystemPaletteEntries
SetViewportExtEx
GetTextFaceW
SetPixelV
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
DeleteDC
CombineRgn
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
PatBlt
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CopyMetaFileW
CreateDCW
GetDeviceCaps
BitBlt
CreateBitmap
CreateCompatibleDC
CreatePen
CreatePatternBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
IntersectClipRect
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comctl32
InitCommonControlsEx
uxtheme
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipBitmapUnlockBits
dbghelp
MiniDumpWriteDump
winhttp
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpOpen
ws2_32
__WSAFDIsSet
accept
bind
WSAIoctl
closesocket
WSASend
select
ntohl
listen
WSASetLastError
WSAStringToAddressW
WSASocketW
getaddrinfo
getsockname
connect
WSACleanup
WSARecv
getsockopt
htonl
htons
freeaddrinfo
ioctlsocket
setsockopt
WSAGetLastError
WSAStartup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 569KB - Virtual size: 568KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ