3dbca7e040cabfa7b64dc92aeaa9e6f8865637793dfac10a5d26e043c41ac514

Sharing

Copy URL Twitter E-mail

General

Target

3dbca7e040cabfa7b64dc92aeaa9e6f8865637793dfac10a5d26e043c41ac514
Size

3.2MB
MD5

fa282f537b0d3930c1b619486bf525ce
SHA1

fac3605611c3e4da14a70135fec75c0b597863d8
SHA256

3dbca7e040cabfa7b64dc92aeaa9e6f8865637793dfac10a5d26e043c41ac514
SHA512

6e23b7d57f15ad6bfbe60544c77ecb8f02ad0755da953ff11e463d9ce2d1191ac4805636d0130cc528da642401f96611870c2d8317e5ad47a8222e1ab2994b56
SSDEEP

49152:0mlJjFWsznY5cfssD1+Tg25/T8B5cMWD+0RRsjbbOWaJ/CTYyi:0m71znAsD1+TguMz0PW6WaJ/CTLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dbca7e040cabfa7b64dc92aeaa9e6f8865637793dfac10a5d26e043c41ac514

Files

3dbca7e040cabfa7b64dc92aeaa9e6f8865637793dfac10a5d26e043c41ac514
.dll windows:5 windows x86

c4652d554298f02fd349d67956bc914f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
FormatMessageW
SystemTimeToFileTime
SetFileTime
LocalFileTimeToFileTime
CreateDirectoryW
ExitProcess
VirtualQuery
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
Thread32First
Thread32Next
InterlockedCompareExchange
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapSize
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapReAlloc
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleFileNameA
FreeLibraryAndExitThread
ExitThread
TlsFree
InterlockedFlushSList
RtlUnwind
GetFileType
GetStdHandle
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
FlushInstructionCache
VerifyVersionInfoW
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
CreateWaitableTimerW
SetWaitableTimer
LocalAlloc
InterlockedIncrement
InterlockedDecrement
lstrcmpW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MulDiv
VerSetConditionMask
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
GlobalMemoryStatusEx
GetACP
SetEvent
WaitForMultipleObjects
GetFileSize
DeleteFileW
Sleep
SetEndOfFile
SetFilePointer
WriteFile
InterlockedExchangeAdd
SetLastError
InterlockedExchange
GetVersionExW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetTickCount
LocalFree
GetCommandLineW
CreateFileW
SetErrorMode
GetModuleFileNameW
ReadFile
lstrcatW
GetFileAttributesW
FindClose
lstrlenW
FindFirstFileW
FreeLibrary
LoadLibraryW
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
GetExitCodeProcess
GetCurrentProcessId
OpenProcess
WaitForSingleObject
GetSystemInfo
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
lstrcpyW
WideCharToMultiByte
GlobalFree
GetFileSizeEx
DeviceIoControl
GetLogicalDriveStringsW
ReleaseMutex
CreateMutexW
MoveFileW
GetTempFileNameW
CopyFileW
MoveFileExW
GetWindowsDirectoryW
SetFileAttributesW
GetTempPathW
GetFullPathNameW
ResetEvent
CreateEventW
FileTimeToSystemTime
QueryDosDeviceW
FindNextFileW
GetEnvironmentVariableW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
OpenThread
GlobalAlloc
MultiByteToWideChar
lstrcpynW
LoadLibraryExW
SwitchToThread
SuspendThread
GetFileTime
ResumeThread
GetProcessHeap
HeapAlloc
HeapFree
GetFileAttributesExW
GetLongPathNameW
OutputDebugStringW
lstrcmpiW
CreateProcessW
GetProcAddress
CloseHandle
HeapDestroy

user32

GetForegroundWindow
GetAsyncKeyState
LoadStringW
DestroyAcceleratorTable
EnumThreadWindows
RegisterWindowMessageW
SetWindowPos
GetAncestor
OpenClipboard
GetIconInfo
ScreenToClient
ShowWindow
DrawIconEx
GetDesktopWindow
LoadBitmapW
MsgWaitForMultipleObjects
AttachThreadInput
SystemParametersInfoW
RemovePropW
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
GetClassLongW
SetTimer
MessageBoxA
IntersectRect
SetFocus
LoadCursorW
ShowWindowAsync
SetRectEmpty
SetCapture
SetCursor
KillTimer
PtInRect
ReleaseCapture
InvalidateRect
GetCursorPos
BeginPaint
EndPaint
GetDC
GetClientRect
ReleaseDC
TrackMouseEvent
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
SetForegroundWindow
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
DrawTextA
wsprintfA
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
EqualRect
UpdateWindow
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
TrackPopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
CreatePopupMenu
SetRect
FillRect
DrawTextW
GetWindowRgn
MoveWindow
UpdateLayeredWindow
SetWindowRgn
MonitorFromPoint
MessageBoxW
AdjustWindowRectEx
GetPropW
SetPropW
GetSystemMetrics
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
PostQuitMessage
DefWindowProcW
InflateRect
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
GetParent
IsRectEmpty
OffsetRect
UnionRect
GetSysColor
MapWindowPoints
GetUpdateRect
GetKeyState
GetFocus
IsZoomed
IsIconic
IsWindowVisible
IsWindow
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
DestroyWindow
GetWindowLongW
GetActiveWindow
LoadIconW
CharPrevW
CharNextW
GetWindowThreadProcessId
EndDialog
GetShellWindow
SetWindowLongW
SendMessageW
PostMessageW
UnregisterClassW
wsprintfW
GetWindowRect
ToAscii
CopyRect
GetKeyboardState
GetDCEx
GetWindowDC
RedrawWindow
EnumChildWindows
DialogBoxParamW
GetDlgItem
SetParent
GetClassNameW
ValidateRect
IsChild

gdi32

TextOutW
MoveToEx
GetObjectA
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
LineTo
GetTextExtentPoint32W
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
PtInRegion
CreateRectRgn
GdiFlush
SetWindowOrgEx
GetObjectW
GetTextMetricsW
ExtTextOutW
GetEnhMetaFileHeader
CreatePatternBrush
CloseEnhMetaFile
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
GetClipBox
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
GetTextExtentPointA
GetRgnBox
SetViewportOrgEx
CreatePolygonRgn
SetWorldTransform
SetGraphicsMode
EnumFontsW
GetDIBits
CreateDCW
GetBitmapBits
CreateEnhMetaFileW
SetBitmapBits
CreateRoundRectRgn
PlayEnhMetaFile

advapi32

RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
GetUserNameW
CreateProcessWithTokenW
OpenProcessToken
DuplicateTokenEx
RegEnumKeyExW

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
DragQueryFileW
SHBrowseForFolderW
CommandLineToArgvW
DragFinish
SHGetFolderPathW
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteW

ole32

CoGetClassObject
CoTaskMemRealloc
CoTaskMemAlloc
OleUninitialize
StringFromGUID2
CoUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
DoDragDrop
CoInitialize

oleaut32

LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen
VarUI4FromStr
SysAllocString
VariantClear
VariantInit
SysFreeString

comctl32

InitCommonControlsEx
ord17
_TrackMouseEvent

gdiplus

GdipGetBrushType
GdipCombineRegionRegion
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathEllipseI
GdipCombineRegionPath
GdipAddPathBezierI
GdipAddPathLineI
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipDrawRectangleI
GdipSetTextureTransform
GdipDeletePath
GdipAddPathLine
ord1
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipLoadImageFromStream
GdipSetInterpolationMode
GdipLoadImageFromStreamICM
GdipSetLineTransform
GdipSetCompositingMode
GdipCreatePath
GdipCreateHBITMAPFromBitmap
GdipFree
GdipCreateBitmapFromStream
GdipCreateRegionPath
GdipGetInterpolationMode
GdipDeleteFontFamily
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipGetLineTransform
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipGetFamily
GdipGetTextRenderingHint
GdipAddPathString
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipBitmapLockBits
GdipSetTextRenderingHint
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipCloneRegion
GdipGetFamilyName
GdipDeleteMatrix
GdipDrawImageRectRectI
GdipGetFontSize
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipRestoreGraphics
GdipGetCellAscent
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipTransformRegion
GdipGetFontStyle
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetLinePresetBlend
GdipCreateFont
GdipEndContainer
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign

imm32

ImmSetCandidateWindow
ImmAssociateContextEx
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME

shlwapi

ord12
PathFindFileNameW
PathAppendW
StrDupW
StrToIntA
PathFileExistsW

msimg32

AlphaBlend

urlmon

CoInternetCreateSecurityManager
CoInternetCreateZoneManager

winmm

timeGetTime

ws2_32

gethostbyname
WSAStartup
gethostname

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetMappedFileNameW

Exports

Exports

BindSoftware
CheckInstall
CheckNeedInstallService
ExtractDll
GetCheckValue
GetInstDir
Init
OnRepair
OnSetup
OnSetupPost
OnUninstall
PopInt
PopString
PushInt
PushString
RegNeedChangeTextBySafeCenter
ShowInstall
ShowUnInstall

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4652d554298f02fd349d67956bc914f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

imm32

shlwapi

msimg32

urlmon

winmm

ws2_32

version

psapi

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 399KB - Virtual size: 399KB

.data Size: 22KB - Virtual size: 36KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 801KB - Virtual size: 800KB

.reloc Size: 113KB - Virtual size: 112KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 399KB - Virtual size: 399KB

.data
Size: 22KB - Virtual size: 36KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 801KB - Virtual size: 800KB

.reloc
Size: 113KB - Virtual size: 112KB