4bf184e0ab210e3e375721c9549829108a201aa60648659a9abd7801462fa067

Sharing

Copy URL Twitter E-mail

General

Target

4bf184e0ab210e3e375721c9549829108a201aa60648659a9abd7801462fa067
Size

1.1MB
MD5

82dadc0a06ffccb6b10ec401af88e1c7
SHA1

1bd452dd6d1222fd38cc0458ec2697bfdb8d190a
SHA256

4bf184e0ab210e3e375721c9549829108a201aa60648659a9abd7801462fa067
SHA512

620d12c419aa62bfaa37faa56308aba5cd1fb74cdbd3d7e8e94491fce04e34cf0a3a6255177ef4f336ca14c734276eaa941da76f909c8a12affa9c036b9ecb1f
SSDEEP

24576:ftKJxrmoEOLPUUk//b915G65EkESNjDZ:WtCx//xF7E6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bf184e0ab210e3e375721c9549829108a201aa60648659a9abd7801462fa067

Files

4bf184e0ab210e3e375721c9549829108a201aa60648659a9abd7801462fa067
.exe windows:6 windows x64

23790ea59eecd19695f1b6f4acef5f2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDevice

d2d1

ord1

dwrite

DWriteCreateFactory

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
DecodePointer
CloseHandle
RaiseException
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
Sleep
CreateThread
SuspendThread
GetSystemPowerStatus
ResumeThread
WaitForMultipleObjectsEx
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
CreateFileW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
GetACP
IsValidCodePage
FindNextFileW
GetOEMCP
FindFirstFileExW
FindClose
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
SetEndOfFile
WriteConsoleW
GetCurrentProcessId
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
ExitProcess
GetCommandLineW
GetCommandLineA
LoadLibraryExW
RtlUnwindEx
RtlPcToFileHeader

user32

GetClientRect
MoveWindow
QueryDisplayConfig
GetDisplayConfigBufferSizes
DestroyCursor
LoadCursorW
GetWindowRect
MessageBoxW
AdjustWindowRect
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
SetThreadDesktop
OpenInputDesktop
FindWindowW
CloseDesktop

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 400KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23790ea59eecd19695f1b6f4acef5f2c

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

d2d1

dwrite

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 305KB - Virtual size: 305KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 128KB - Virtual size: 137KB

.pdata Size: 16KB - Virtual size: 16KB

.rsrc Size: 146KB - Virtual size: 145KB

.reloc Size: 400KB - Virtual size: 744KB

.text
Size: 305KB - Virtual size: 305KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 128KB - Virtual size: 137KB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 146KB - Virtual size: 145KB

.reloc
Size: 400KB - Virtual size: 744KB