31cf3b1310b111231371624d5c993cae564b028ab46879d8cd0ba7414e2c60b4

Sharing

Copy URL Twitter E-mail

General

Target

31cf3b1310b111231371624d5c993cae564b028ab46879d8cd0ba7414e2c60b4
Size

576KB
MD5

a19fed25d20837386d567c2e1cd51812
SHA1

fd023d27a6880ea647ca829cabad400787568f1a
SHA256

31cf3b1310b111231371624d5c993cae564b028ab46879d8cd0ba7414e2c60b4
SHA512

cf839f6a5b5aab11fad1a4fa2cd7878f60626617fd8267029ce2138f9d6fe94a8c5b1bc8d0d21ab647294d8ff3fa6a815a65d9e27151e99e1e63e94f62dc44aa
SSDEEP

6144:k8qKCokIHScz/8Hk/PyiLlRBIHUMMVRSVtfP5DQ2TT5EUCi7vDa:kxo9SczE6aIoBMXUP5ksTJu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31cf3b1310b111231371624d5c993cae564b028ab46879d8cd0ba7414e2c60b4

Files

31cf3b1310b111231371624d5c993cae564b028ab46879d8cd0ba7414e2c60b4
.dll windows:6 windows x86

ad7372f7f1c52ae0265add2779cfc9ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

uxtheme

DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData
GetThemePartSize
SetWindowTheme

kernel32

GetModuleHandleW
PowerCreateRequest
PowerClearRequest
PowerSetRequest
VerSetConditionMask
VerifyVersionInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
OutputDebugStringW
GetCurrentThreadId
GetVersionExW
ResumeThread
WideCharToMultiByte
IsDebuggerPresent
GetSystemTimeAsFileTime
InitOnceComplete
InitOnceBeginInitialize
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
lstrlenW
GetTickCount
AcquireSRWLockShared
AcquireSRWLockExclusive
GetProcAddress
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
ReleaseSRWLockShared
SetLastError
LoadLibraryExW
ReleaseSRWLockExclusive
RaiseException
DecodePointer
GetExitCodeProcess
GetStdHandle
CreateFileW
CreateNamedPipeW
GetCurrentProcessId
TerminateProcess
CreateProcessW
GetThreadPriority
CancelIoEx
GetOverlappedResult
WaitForMultipleObjects
WriteFile
ResetEvent
CreateEventW
GetCurrentProcess
DuplicateHandle
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
GetCurrentThread
SetThreadPriority
CloseHandle
WaitForSingleObject
GetTickCount64
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
SetEvent
GlobalFree

user32

TranslateAcceleratorW
ReleaseDC
EnumThreadWindows
IsWindowVisible
GetWindowPlacement
MonitorFromRect
GetMenu
GetClipboardData
LoadAcceleratorsW
CloseClipboard
OpenClipboard
AdjustWindowRect
RegisterWindowMessageW
EndDeferWindowPos
IsZoomed
DeferWindowPos
BeginDeferWindowPos
DestroyAcceleratorTable
MapDialogRect
AdjustWindowRectEx
IsIconic
CharLowerW
GetScrollInfo
SetWindowTextW
MapWindowPoints
GetDlgCtrlID
SetDlgItemInt
DrawEdge
DialogBoxParamW
EndDialog
RedrawWindow
GetKeyState
FillRect
DrawFrameControl
GetWindowTextLengthW
GetWindowTextW
GetSystemMetrics
NotifyWinEvent
GetFocus
IsRectEmpty
GetParent
SetCursor
SetCapture
DrawTextW
KillTimer
TrackMouseEvent
GetWindowDC
GetCursorPos
DestroyMenu
GetMessagePos
InflateRect
FrameRect
MonitorFromPoint
UnhookWindowsHookEx
SetWindowsHookExW
CreatePopupMenu
WindowFromPoint
CallNextHookEx
TrackPopupMenu
GetNextDlgTabItem
AppendMenuW
PtInRect
IntersectRect
ScreenToClient
GetClassInfoExW
RegisterClassExW
CreateWindowExW
GetSysColor
InvalidateRgn
OffsetRect
CallWindowProcW
CopyRect
SystemParametersInfoW
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
SetMenuItemInfoW
ClientToScreen
GetMenuItemInfoW
GetMonitorInfoW
EndPaint
BeginPaint
GetClientRect
SetLayeredWindowAttributes
GetWindowRect
SetFocus
MessageBeep
SetWindowPos
IsWindowEnabled
DestroyWindow
GetActiveWindow
SetTimer
PostMessageW
SendDlgItemMessageW
SetDlgItemTextW
EnableWindow
ShowWindow
CreateDialogParamW
LoadCursorW
GetWindowLongW
SetWindowLongW
UnregisterClassW
DefWindowProcW
RegisterClassW
GetDlgItem
SendMessageW
InvalidateRect
GetDC

gdi32

SetDCBrushColor
CreateFontIndirectW
GetObjectW
CreatePolygonRgn
FrameRgn
FillRgn
GetDeviceCaps
CreateCompatibleDC
SelectObject
GetTextMetricsW
LPtoDP
SaveDC
RestoreDC
OffsetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
CombineRgn
SetDCPenColor
LineTo
MoveToEx
SetBkMode
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
OffsetRgn
GetStockObject
ExtTextOutW
SetBkColor
SetTextColor
DeleteObject
DeleteDC

shell32

ShellExecuteW
ord74

oleaut32

VariantInit
VariantClear
SysAllocString

shared

_stricmp_utf8_ex@16
_uGetModuleFileName@8
_uFileExists@4
_uCreateFile@28
_stricmp_utf8_partial@12
_stricmp_utf8@8
_uDeleteFile@4
_uGetDlgItemText@12
_uSendMessageText@16
?g_from_system@t_font_description@@SG?AU1@H@Z
?create@t_font_description@@QBGPAUHFONT__@@XZ
_PokeWindow@4
_uGetWindowText@8
_uCharUpper@4
_ModalDialog_Switch@4
_FindOwningPopup@4
_uShellExecute@24
_uGetOpenFileName@32
_uBrowseForFolder@12
_uAddStringLower@12
_ModalDialog_CanCreateNew@0
_ModalDialog_PokeExisting@0
_uStringCompare@8
_uCreateDirectory@8
_uGetTempPath@4
_uSetDlgItemText@12
??1uCallStackTracker@@QAE@XZ
??0uCallStackTracker@@QAE@PBD@Z
_uExceptFilterProc@4
?scale@audio_math@@YGXPBMIPAMM@Z
_uFormatSystemErrorMessage@8
_uFindFirstFile@4
_uSearchPath@16
_uSetWindowText@8
_GetInfiniteWaitEvent@0
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uReplaceStringAdd@32

msvcp140

_Thrd_hardware_concurrency
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z

shlwapi

SHAutoComplete

comctl32

ord413
ord410

msimg32

GradientFill

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown

vcruntime140

wcschr
memcmp
__current_exception
strstr
memcpy
__current_exception_context
_except_handler3
__CxxFrameHandler3
_except_handler4_common
_CxxThrowException
__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
memset
strrchr
__std_type_info_destroy_list
memmove
strchr

api-ms-win-crt-string-l1-1-0

_strdup
strlen
strncmp
wcsnlen
wcslen
strcat_s
strcmp

api-ms-win-crt-heap-l1-1-0

free
malloc
_recalloc
realloc
_aligned_malloc
_aligned_realloc
_aligned_free
_callnewh
_expand

api-ms-win-crt-runtime-l1-1-0

terminate
_controlfp_s
_invalid_parameter_noinfo
_errno
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
abort
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-utility-l1-1-0

abs
rand
srand
_byteswap_ulong
_byteswap_ushort

api-ms-win-crt-math-l1-1-0

fabs
sqrt
frexp
ldexp
floor
__libm_sse2_pow
lround
llround

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vswprintf_s

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-convert-l1-1-0

_atoi64
atoi

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop
CoCreateGuid

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad7372f7f1c52ae0265add2779cfc9ef

Headers

DLL Characteristics

File Characteristics

Imports

uxtheme

kernel32

user32

gdi32

shell32

oleaut32

shared

msvcp140

shlwapi

comctl32

msimg32

oleacc

gdiplus

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-convert-l1-1-0

ole32

Exports

Exports

Sections

.text Size: 412KB - Virtual size: 411KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 31KB - Virtual size: 30KB

.movehcs Size: 1KB - Virtual size: 4KB

.text
Size: 412KB - Virtual size: 411KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 31KB - Virtual size: 30KB

.movehcs
Size: 1KB - Virtual size: 4KB