9a7f2ac65716e0ace351d4cbb1381771b897c1c86e8e57450f17ac5247b2ceb0

Sharing

Copy URL

Twitter E-mail

General

Target

9a7f2ac65716e0ace351d4cbb1381771b897c1c86e8e57450f17ac5247b2ceb0
Size

4.0MB
MD5

b3d1995f5ec05ce6ace2ad73fa2897af
SHA1

17c9f54e8ab0145dc80be7bc4cc2b5f9ef94bb5a
SHA256

9a7f2ac65716e0ace351d4cbb1381771b897c1c86e8e57450f17ac5247b2ceb0
SHA512

edafcbc13d5cb0ddd2251769bbf20baae85e7abdbebad3227673d79ada323ee04df7b2435335cdfa141defe6e529b0edf98a4ef8b99498fdf79705c79ac0ecc3
SSDEEP

49152:UBrcYi+cKuq1PlVsVMXplRu7576aKfdUgdTLGL5y3I:+rcqFBpNsB6ddUgBCc3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a7f2ac65716e0ace351d4cbb1381771b897c1c86e8e57450f17ac5247b2ceb0

Files

9a7f2ac65716e0ace351d4cbb1381771b897c1c86e8e57450f17ac5247b2ceb0
.dll windows:6 windows x64

cc7b1d15fafcb32ebc26bc96a974f46e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ImageList_Destroy
ImageList_Replace
ImageList_Create
ImageList_SetImageCount
_TrackMouseEvent
ImageList_GetIconSize
InitCommonControlsEx
ord380

shell32

ord74
ord88
ShellExecuteW

shlwapi

StrCmpLogicalW
SHAutoComplete
StrCmpIW
ord12

gdiplus

GdipDeleteBrush
GdipCreatePen1
GdipCreateSolidFill
GdipSetSmoothingMode
GdipAlloc
GdipCloneBrush
GdipFree
GdipDeletePen
GdipBitmapLockBits
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipClosePathFigure
GdipFillPath
GdipDrawPath
GdipFillPolygon
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdiplusShutdown
GdipDrawLineI
GdipSetClipRectI
GdipCreateLineBrushFromRectI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectRectI
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipBitmapUnlockBits
GdiplusStartup

shared

uGetWindowText
uGetFullPathName
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uMessageBox
stricmp_utf8_partial
uExtTextOut
uGetTextExtentPoint32
uTabCtrl_InsertItem
uCharLower
uGetFileAttributes
uGetModuleFileName
uSendMessageText
uTreeView_InsertItem
uFixAmpersandChars
uShellNotifyIconEx
uChooseColor
uFormatSystemErrorMessage
uModifyMenu
uGetMenuString
uGetMenuItemType
uTabCtrl_SetItem
uSetDlgItemText
stricmp_utf8_max
uGetOpenFileName
FindOwningPopup
uSendDlgItemMessageText
uShellNotifyIcon
stricmp_utf8_ex
uSetWindowText
uGetDlgItemText
uAppendMenu
uStringCompare
uFixAmpersandChars_v2
ModalDialog_Switch
GetInfiniteWaitEvent
uLoadImage
stricmp_utf8
??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
uPrintCrashInfo_OnEvent
uBugCheck
uDragQueryFile
uDragQueryFileCount

uxtheme

SetWindowTheme
OpenThemeData
GetThemeMargins
GetThemeTextExtent
DrawThemeText
GetThemePartSize
IsThemeActive
IsAppThemed
IsThemePartDefined
GetThemeColor
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
CloseThemeData
EnableThemeDialogTexture
DrawThemeBackground

dwmapi

DwmSetWindowAttribute

usp10

ScriptRecordDigitSubstitution
ScriptFreeCache
ScriptStringFree
ScriptStringAnalyse
ScriptString_pcOutChars
ScriptStringGetLogicalWidths
ScriptString_pSize
ScriptStringOut
ScriptApplyDigitSubstitution

windowscodecs

WICConvertBitmapSource

kernel32

LCMapStringW
CompareStringW
ExitProcess
SetConsoleCtrlHandler
GetFileType
SetStdHandle
ResumeThread
ExitThread
HeapQueryInformation
HeapSize
HeapReAlloc
RtlUnwind
RtlUnwindEx
TerminateProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualProtect
VirtualAlloc
UnregisterWaitEx
DuplicateHandle
CreateTimerQueue
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateThread
GetCurrentProcess
SignalObjectAndWait
InitializeSListHead
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
LoadLibraryExW
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateEventExW
SetThreadPriority
GetCurrentThread
CloseHandle
WaitForSingleObject
SetLastError
GetLastError
GetTickCount
GetUserDefaultLCID
FindResourceW
SizeofResource
LoadResource
LockResource
VerSetConditionMask
VerifyVersionInfoW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
OutputDebugStringW
GetCurrentThreadId
FormatMessageW
IsDebuggerPresent
MulDiv
CompareStringEx
GetLocalTime
QueryPerformanceCounter
QueryPerformanceFrequency
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcessId
GetModuleHandleExW
GlobalAlloc
GlobalUnlock
GlobalFree
GetModuleFileNameA
CreateSemaphoreExW
HeapFree
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
HeapAlloc
CreateMutexExW
GetProcessHeap
GetModuleHandleW
DebugBreak
InitializeCriticalSectionEx
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SwitchToThread
GetLocaleInfoEx
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
InitOnceBeginInitialize
RtlPcToFileHeader
TryAcquireSRWLockExclusive
InitializeSRWLock
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
IsProcessorFeaturePresent
GlobalSize
GetTimeFormatW
GetDateFormatW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetTickCount64
RaiseException
GetThreadPriority
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
Sleep
ResetEvent
SetEvent
CreateEventW
WriteConsoleW
EnumSystemLocalesW
GetStdHandle
IsValidLocale
SetFilePointerEx
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetTimeZoneInformation
FlushFileBuffers
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
GlobalLock

user32

EmptyClipboard
SetClipboardData
CloseClipboard
SetCursor
DrawIconEx
GetParent
TrackPopupMenuEx
GetUpdateRect
BeginDeferWindowPos
IsWindowEnabled
GetPropW
SetDlgItemInt
GetWindowPlacement
EnumChildWindows
GetDlgCtrlID
IsClipboardFormatAvailable
RegisterClassW
GetNextDlgTabItem
ChildWindowFromPoint
WindowFromDC
GetCapture
SystemParametersInfoW
ScrollWindowEx
SetScrollInfo
OpenClipboard
SetActiveWindow
LoadCursorW
ReleaseCapture
SetCapture
GetClassNameW
MonitorFromWindow
ChildWindowFromPointEx
GetMonitorInfoW
MonitorFromPoint
ClientToScreen
SetMenuItemInfoW
InsertMenuW
GetMenuItemCount
GetCursorPos
SetForegroundWindow
GetAsyncKeyState
RealChildWindowFromPoint
GetKeyState
DeregisterShellHookWindow
RegisterShellHookWindow
RegisterWindowMessageW
WindowFromPoint
DestroyWindow
EnumWindows
GetWindow
IsIconic
UnregisterClassW
GetScrollInfo
SetWindowPlacement
MessageBoxW
DrawTextW
InvalidateRect
DrawEdge
GetDoubleClickTime
IsChild
EndDeferWindowPos
GetWindowThreadProcessId
DeferWindowPos
CreateDialogParamW
DialogBoxParamW
DrawFocusRect
EqualRect
GetClipboardData
GetIconInfo
GetMenuItemID
GetMenuState
GetSubMenu
CheckMenuRadioItem
UnhookWindowsHookEx
IsWindow
UpdateWindow
SetWindowTextW
PostMessageW
SetTimer
KillTimer
SetFocus
GetFocus
InsertMenuItemW
GetAncestor
SetWindowLongW
GetWindowLongW
GetDlgItemInt
IntersectRect
MapWindowPoints
GetTopWindow
FillRect
SetLayeredWindowAttributes
GetLayeredWindowAttributes
IsWindowVisible
LoadImageW
GetMessagePos
BeginPaint
EndPaint
PtInRect
GetSystemMetrics
InflateRect
DrawTextExW
GetWindowTextW
GetWindowTextLengthW
RegisterClipboardFormatW
ScreenToClient
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetSysColorBrush
SendDlgItemMessageW
EndDialog
GetDlgItem
DestroyIcon
GetClientRect
GetDC
ReleaseDC
GetWindowRect
EnableWindow
CallWindowProcW
GetWindowLongPtrW
DefWindowProcW
GetComboBoxInfo
SetWindowLongPtrW
CreateWindowExW
RedrawWindow
GetSysColor
SendMessageW
SetWindowPos
SetParent
ShowWindow
DispatchMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GetMessageW
SetWindowsHookExW
CallNextHookEx
PostThreadMessageW
CharLowerW
MapDialogRect
GetMenuItemInfoW

gdi32

SetBkColor
SelectObject
GetObjectW
GetTextExtentPoint32W
GetBkMode
CombineRgn
CreateRectRgnIndirect
SetPixel
SetTextAlign
GetTextMetricsW
SetTextColor
OffsetWindowOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
BitBlt
CreateDIBSection
GdiFlush
CreatePen
SetBkMode
MoveToEx
LineTo
GetDeviceCaps
GetTextColor
EnumFontFamiliesExW
GdiAlphaBlend
ExtTextOutW
SetWindowOrgEx
GetStockObject
Rectangle
CreateDIBitmap
DeleteDC
CreateFontIndirectW
GetPixel
DeleteObject

comdlg32

ChooseFontW

ole32

RegisterDragDrop
CoCreateFreeThreadedMarshaler
CoUninitialize
CoInitializeEx
OleGetClipboard
OleSetClipboard
CoGetObjectContext
CoGetApartmentType
OleInitialize
OleUninitialize
CoCreateInstance
ReleaseStgMedium
RevokeDragDrop

urlmon

CopyStgMedium

oleaut32

GetErrorInfo
SetErrorInfo
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc7b1d15fafcb32ebc26bc96a974f46e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shell32

shlwapi

gdiplus

shared

uxtheme

dwmapi

usp10

windowscodecs

kernel32

user32

gdi32

comdlg32

ole32

urlmon

oleaut32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 382KB - Virtual size: 381KB

.data Size: 59KB - Virtual size: 77KB

.pdata Size: 98KB - Virtual size: 98KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 19KB - Virtual size: 19KB

.movehcs Size: 3KB - Virtual size: 4KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 382KB - Virtual size: 381KB

.data
Size: 59KB - Virtual size: 77KB

.pdata
Size: 98KB - Virtual size: 98KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 19KB - Virtual size: 19KB

.movehcs
Size: 3KB - Virtual size: 4KB