f77b241eae2a5bfef86cd0ff8e3d4f2358d8bcc07725788701fd3c359dae4b35

Sharing

Copy URL Twitter E-mail

General

Target

f77b241eae2a5bfef86cd0ff8e3d4f2358d8bcc07725788701fd3c359dae4b35
Size

113KB
MD5

ec074f91ebfe1285ca4b46b218c2b15d
SHA1

79bed2f1be17cadde05d643612b4977bd21b3185
SHA256

f77b241eae2a5bfef86cd0ff8e3d4f2358d8bcc07725788701fd3c359dae4b35
SHA512

fb89b01aacc3f10bbb985735d339c83df1158d7e20f43926ff36a892ac4cc3a57121129161e9feaf5057376213f36a3dc90d9166ef6b1414fb813c712d9e7097
SSDEEP

3072:SGE4TC9RKqzWh0ErwMNMMWsCa5DC7NpDNDFzY:Sbjsaky317hDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f77b241eae2a5bfef86cd0ff8e3d4f2358d8bcc07725788701fd3c359dae4b35

Files

f77b241eae2a5bfef86cd0ff8e3d4f2358d8bcc07725788701fd3c359dae4b35
.dll windows:6 windows x86

0e6c6e8fb9fad648d31739812092d0da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shared

_GetInfiniteWaitEvent@0
_uSendMessageText@16
_uExceptFilterProc@4
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uChooseColor@12

kernel32

GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
RaiseException
HeapFree
HeapAlloc
DecodePointer
GetProcessHeap
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
InterlockedPopEntrySList
EncodePointer
TerminateProcess
GetCurrentProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InitializeCriticalSectionEx
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetProcAddress
OutputDebugStringW
GetLastError
DeleteCriticalSection
SetLastError
CloseHandle
FormatMessageW
InterlockedPushEntrySList
GetTickCount
CreateEventW
SetUnhandledExceptionFilter

user32

GetClientRect
EqualRect
GetDC
SetRectEmpty
SetFocus
GetClassInfoExW
RegisterClassExW
DestroyMenu
TrackPopupMenu
GetSysColor
DialogBoxParamW
GetWindow
MapWindowPoints
CreatePopupMenu
ClientToScreen
SetMenuDefaultItem
AppendMenuW
CallWindowProcW
ReleaseDC
UnregisterClassW
SetLayeredWindowAttributes
GetWindowRect
EndDialog
EnableWindow
InvalidateRect
FillRect
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
SetParent
ShowWindow
IsWindowVisible
KillTimer
EndPaint
BeginPaint
RedrawWindow
SetTimer
CreateWindowExW
RegisterClassW
LoadCursorW
DefWindowProcW
GetWindowLongW
SetWindowPos
GetParent
SetWindowLongW
MessageBoxW
SendMessageW
CopyRect
DestroyWindow

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
SetWindowOrgEx
OffsetWindowOrgEx

msvcp140

?_Xbad_function_call@std@@YAXXZ

gdiplus

GdipCreateSolidFill
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipSetSolidFillColor
GdipCloneBrush
GdipDeleteBrush
GdipFillEllipseI
GdipCreateLineBrushI
GdipCreateLineBrushFromRectI
GdipSetLineColors
GdipSetLinePresetBlend
GdipCreatePen2
GdipDeletePen
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDrawString
GdipFillPolygonI
GdipFillRectangleI
GdipDrawEllipseI
GdipDrawLinesI
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipFree

vcruntime140

memset
__std_exception_destroy
_purecall
memcpy
_except_handler3
__CxxFrameHandler3
__std_terminate
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

_recalloc
free
realloc
_aligned_realloc
_aligned_free
_callnewh
_aligned_malloc
malloc

api-ms-win-crt-runtime-l1-1-0

exit
_initterm
_invalid_parameter_noinfo_noreturn
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_cexit
_register_onexit_function
_execute_onexit_table
_crt_atexit
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-convert-l1-1-0

_itow_s
_wtof

api-ms-win-crt-math-l1-1-0

_CIcos
_CIlog10
_CIpow
_CIsin
_CIsqrt
floor

api-ms-win-crt-utility-l1-1-0

srand
rand

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e6c6e8fb9fad648d31739812092d0da

Headers

DLL Characteristics

File Characteristics

Imports

shared

kernel32

user32

gdi32

msvcp140

gdiplus

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 6KB - Virtual size: 7KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 6KB - Virtual size: 6KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 6KB - Virtual size: 6KB

.movehcs
Size: 512B - Virtual size: 4KB