4e57e96ea47616a964111fc119493771ae557156581f61194ae1547670674fd1

Sharing

Copy URL Twitter E-mail

General

Target

4e57e96ea47616a964111fc119493771ae557156581f61194ae1547670674fd1
Size

3.0MB
MD5

b6a77438fc4fdac14eaf834f820fbb9b
SHA1

3371b0f68e1307d83abb29d145f09cafa51044d2
SHA256

4e57e96ea47616a964111fc119493771ae557156581f61194ae1547670674fd1
SHA512

6db5b928d1cf8a48bb79a50b23f48bdecfcc9c8fcb52a80ad4930e2bf63afb3e4d705916608d93e4e0892108ebd60ede115699d8fd04e46d6352e78db1ce06e9
SSDEEP

49152:EGq3wgxi1hxHuSEtM5YMcHor4kIRtRe4pndgD7+u7XzAW:EGydxi1XTEtcYTHor4kIRtRe4pdgDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e57e96ea47616a964111fc119493771ae557156581f61194ae1547670674fd1

Files

4e57e96ea47616a964111fc119493771ae557156581f61194ae1547670674fd1
.dll windows:6 windows x86

408939bdb62667344eaf6e9422c015a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipCreateFromHDC
GdiplusStartup
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdiplusShutdown
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageWidth

kernel32

GetCurrentDirectoryW
GetTempFileNameW
GetWindowsDirectoryW
VerifyVersionInfoW
GetTempPathW
SearchPathW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
LocalReAlloc
WriteConsoleW
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameW
SetThreadPriority
GetCurrentThread
lstrcmpA
GetProfileIntW
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetVersionExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
lstrcmpiW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
VirtualProtect
GetFullPathNameW
FlushFileBuffers
SetLastError
MulDiv
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
ExpandEnvironmentStringsW
GetTickCount
GetProcAddress
LoadLibraryW
GlobalFlags
GetModuleFileNameW
ReadFile
GetFileSize
GlobalReAlloc
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
FreeResource
ResumeThread
GetFileAttributesW
DeleteFileW
LocalFree
GetCurrentProcess
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
FindResourceExW
GetModuleHandleW
CopyFileW
Sleep
lstrcpyW
OutputDebugStringA
FindNextFileW
CreateDirectoryW
FindClose
FindFirstFileW
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
CloseHandle
WriteFile
CreateFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetVolumeInformationW
GetLocaleInfoW
RtlUnwind
InterlockedFlushSList
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
LCMapStringW
GetDriveTypeW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
VerSetConditionMask

user32

WaitMessage
PostThreadMessageW
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawEdge
DrawStateW
EnumDisplayMonitors
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
LockWindowUpdate
GetMenuDefaultItem
GetSystemMenu
UnionRect
DeleteMenu
MapDialogRect
GetAsyncKeyState
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
RealChildWindowFromPoint
GetSysColorBrush
ReuseDDElParam
UnpackDDElParam
DestroyIcon
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
IntersectRect
GetKeyNameTextW
ShowOwnedPopups
TranslateMessage
GetMessageW
PostQuitMessage
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsClipboardFormatAvailable
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
MonitorFromWindow
WinHelpW
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
IsCharLowerW
ShowScrollBar
GetScrollRange
GetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
UnhookWindowsHookEx
IsWindowEnabled
GetFocus
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
PeekMessageW
GrayStringW
DrawTextExW
TabbedTextOutW
DrawTextW
BringWindowToTop
UnregisterClassW
SetParent
GetScrollInfo
GetWindow
UpdateWindow
ShowWindow
IsRectEmpty
RedrawWindow
SetFocus
CreateWindowExW
DestroyWindow
GetWindowTextW
DrawFrameControl
FillRect
IsWindow
TrackMouseEvent
SetCursor
LoadCursorW
GetSysColor
SetLayeredWindowAttributes
RegisterWindowMessageW
SetScrollPos
GetSystemMetrics
PtInRect
SetWindowPos
SetRect
SetScrollRange
LoadBitmapW
SetWindowLongW
InflateRect
GetKeyboardState
CreateAcceleratorTableW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetWindowRect
KillTimer
ScreenToClient
GetCursorPos
SetTimer
SetWindowRgn
ReleaseCapture
WindowFromPoint
GetUpdateRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
CopyAcceleratorTableW
SetPropW
ClientToScreen
SetCapture
GetCapture
GetParent
GetActiveWindow
SetClassLongW
GetClassLongW
SendMessageW
GetWindowLongW
DrawIcon
GetClientRect
InvalidateRect
EnableWindow
CallWindowProcW
OffsetRect
CopyRect
ReleaseDC
GetDC
LoadImageW
MapVirtualKeyW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ToUnicodeEx
MapVirtualKeyExW
GetWindowThreadProcessId
GetKeyboardLayout
GetForegroundWindow
PostMessageW
FindWindowW
DestroyAcceleratorTable
GetMonitorInfoW

gdi32

MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetBitmapBits
SetBitmapBits
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
GetBkColor
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
CreateEllipticRgn
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetObjectType
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
GetViewportExtEx
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
LineTo
IntersectClipRect
Ellipse
GetObjectW
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreatePen
RestoreDC
SaveDC
CreateFontIndirectW
GetPixel
RealizePalette
SelectPalette
GetStockObject
CombineRgn
ExtCreateRegion
StretchBlt
CreateSolidBrush
Rectangle
GetTextExtentPoint32W
CreateFontW
GetTextColor
BitBlt
CreateCompatibleBitmap
SetDIBColorTable
DeleteDC
GetWindowExtEx

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW

shell32

ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderW
SHGetFolderPathW

comctl32

ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
_TrackMouseEvent
ImageList_AddMasked

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsUNCW

uxtheme

GetWindowTheme
GetCurrentThemeName
IsAppThemed
GetThemePartSize
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
GetThemeColor
GetThemeSysColor

ole32

CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
DoDragDrop
CoInitialize
CoCreateInstance
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoDisconnectObject
CoCreateGuid

oleaut32

VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
LoadTypeLi
OleLoadPicture
VariantCopy

winmm

PlaySoundW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Exports

Exports

DllPreTranslateMessage
InitialPageInfo
ProcessFunction
ProcessParentDef
SetPreAndNextDev
UnIntialPageInfo

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 786KB - Virtual size: 785KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

408939bdb62667344eaf6e9422c015a8

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

winmm

oleacc

imm32

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 379KB - Virtual size: 379KB

.data Size: 22KB - Virtual size: 41KB

.rsrc Size: 786KB - Virtual size: 785KB

.reloc Size: 149KB - Virtual size: 149KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 379KB - Virtual size: 379KB

.data
Size: 22KB - Virtual size: 41KB

.rsrc
Size: 786KB - Virtual size: 785KB

.reloc
Size: 149KB - Virtual size: 149KB