5cb6af47b64272741d68ffd7e7244d80c0fcabede8d00e8d9832e1b02d28568b

Sharing

Copy URL Twitter E-mail

General

Target

5cb6af47b64272741d68ffd7e7244d80c0fcabede8d00e8d9832e1b02d28568b
Size

192KB
MD5

820cb2ca4360f9994e692a017882a2a5
SHA1

2e28f4a2d32c52cd66702b71fe405c92a7a29b4f
SHA256

5cb6af47b64272741d68ffd7e7244d80c0fcabede8d00e8d9832e1b02d28568b
SHA512

590d5c72faad55bb2ca3ab826e9bf06aa62b729b561f30dd897c7ac6737bdd8ed92b53c9edd90d0186561dd4283304de8b03e755fdcb9408bb268d80b51c6cc1
SSDEEP

3072:fOls1AGKsbpzvdjvSeksFUzDJUbdRsHz3ah7/HL3CK6Kv4vCdsr:GlszKgLdjvSe/+ubdSHzqVr3CIGwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb6af47b64272741d68ffd7e7244d80c0fcabede8d00e8d9832e1b02d28568b

Files

5cb6af47b64272741d68ffd7e7244d80c0fcabede8d00e8d9832e1b02d28568b
.dll windows:5 windows x86

67773d28d69f727ac1082a2306f55f80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

duilib

?Notify@WindowImplBase@duilib@@UAEXAAUtagTNotifyUI@2@@Z
?OnNcHitTest@WindowImplBase@duilib@@UAEJIIJAAH@Z
?HandleCustomMessage@WindowImplBase@duilib@@UAEJIIJAAH@Z
?SetTextColor@CLabelUI@duilib@@QAEXK@Z
?SetDisabledTextColor@CLabelUI@duilib@@QAEXK@Z
??0CButtonUI@duilib@@QAE@XZ
?SetHotTextColor@CButtonUI@duilib@@QAEXK@Z
??1CButtonUI@duilib@@UAE@XZ
??0COptionUI@duilib@@QAE@XZ
??1COptionUI@duilib@@UAE@XZ
?SetSelectedImage@COptionUI@duilib@@QAEXPB_W@Z
?SetSelectedTextColor@COptionUI@duilib@@QAEXK@Z
?SetGroup@COptionUI@duilib@@QAEXPB_W@Z
?IsSelected@COptionUI@duilib@@QBE_NXZ
?Activate@CButtonUI@duilib@@UAE_NXZ
?Activate@COptionUI@duilib@@UAE_NXZ
?Close@CWindowWnd@duilib@@UAEXI@Z
?CreateControl@WindowImplBase@duilib@@UAEPAVCControlUI@2@PB_W@Z
?DoEvent@CButtonUI@duilib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@duilib@@UAEXXZ
?DoPaint@CControlUI@duilib@@UAE_NPAUHDC__@@ABUtagRECT@@PAV12@@Z
?DoPostPaint@CControlUI@duilib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CLabelUI@duilib@@UAE?AUtagSIZE@@U3@@Z
?Event@CControlUI@duilib@@UAEXAAUtagTEventUI@2@@Z
?FindControl@CControlUI@duilib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?GetAutoCalcHeight@CLabelUI@duilib@@UBE_NXZ
?GetAutoCalcWidth@CLabelUI@duilib@@UBE_NXZ
?GetClass@CButtonUI@duilib@@UBEPB_WXZ
?GetClass@COptionUI@duilib@@UBEPB_WXZ
?GetClassStyle@WindowImplBase@duilib@@UBEIXZ
?GetClientPos@CControlUI@duilib@@UBE?AUtagRECT@@XZ
?GetControlFlags@CButtonUI@duilib@@UBEIXZ
?GetCursor@CControlUI@duilib@@UAEGXZ
?GetDisabledImage@CButtonUI@duilib@@UAEPB_WXZ
?GetFixedHeight@CControlUI@duilib@@UBEHXZ
?GetFixedSize@CControlUI@duilib@@UBE?AUtagSIZE@@XZ
?GetFixedWidth@CControlUI@duilib@@UBEHXZ
?GetFixedXY@CControlUI@duilib@@UBE?AUtagSIZE@@XZ
?GetFloatAlign@CControlUI@duilib@@UBEIXZ
?GetFloatPercent@CControlUI@duilib@@UBE?AUtagTPercentInfo@2@XZ
?GetFocusedImage@CButtonUI@duilib@@UAEPB_WXZ
?GetHeight@CControlUI@duilib@@UBEHXZ
?GetHotForeImage@CButtonUI@duilib@@UAEPB_WXZ
?GetHotImage@CButtonUI@duilib@@UAEPB_WXZ
?GetInterface@CButtonUI@duilib@@UAEPAXPB_W@Z
?GetInterface@COptionUI@duilib@@UAEPAXPB_W@Z
?GetManager@CControlUI@duilib@@UBEPAVCPaintManagerUI@2@XZ
?GetManagerName@WindowImplBase@duilib@@MAEPB_WXZ
?GetMaxHeight@CControlUI@duilib@@UBEHXZ
?GetMaxWidth@CControlUI@duilib@@UBEHXZ
?GetMinHeight@CControlUI@duilib@@UBEHXZ
?GetMinWidth@CControlUI@duilib@@UBEHXZ
?GetName@CControlUI@duilib@@UBE?AVCDuiString@2@XZ
?GetNormalImage@CButtonUI@duilib@@UAEPB_WXZ
?GetPadding@CControlUI@duilib@@UBE?AUtagRECT@@XZ
?GetParent@CControlUI@duilib@@UBEPAV12@XZ
?GetPos@CControlUI@duilib@@UBEABUtagRECT@@XZ
?GetPushedImage@CButtonUI@duilib@@UAEPB_WXZ
?GetRelativePos@CControlUI@duilib@@UBE?AUtagRECT@@XZ
?GetSelectedStateImage@COptionUI@duilib@@UAEPB_WXZ
?GetShortcut@CControlUI@duilib@@UBE_WXZ
?GetSkinType@WindowImplBase@duilib@@MAE?AVCDuiString@2@XZ
?GetStateImage@CButtonUI@duilib@@UAEPB_WXZ
?GetStyle@WindowImplBase@duilib@@UAEJXZ
?GetSuperClassName@CWindowWnd@duilib@@MBEPB_WXZ
?GetTag@CControlUI@duilib@@UBEIXZ
?GetText@CControlUI@duilib@@UBE?AVCDuiString@2@XZ
?GetToolTip@CControlUI@duilib@@UBE?AVCDuiString@2@XZ
?GetToolTipWidth@CControlUI@duilib@@UAEHXZ
?GetUserData@CControlUI@duilib@@UAEABVCDuiString@2@XZ
?GetWidth@CControlUI@duilib@@UBEHXZ
?GetX@CControlUI@duilib@@UBEHXZ
?GetY@CControlUI@duilib@@UBEHXZ
?HandleMessage@WindowImplBase@duilib@@UAEJIIJ@Z
?Init@CControlUI@duilib@@UAEXXZ
?InitResource@WindowImplBase@duilib@@UAEXXZ
?IsContextMenuUsed@CControlUI@duilib@@UBE_NXZ
?IsDragEnabled@CControlUI@duilib@@UBE_NXZ
?IsDropEnabled@CControlUI@duilib@@UBE_NXZ
?IsEnabled@CControlUI@duilib@@UBE_NXZ
?IsFloat@CControlUI@duilib@@UBE_NXZ
?IsFocused@CControlUI@duilib@@UBE_NXZ
?IsKeyboardEnabled@CControlUI@duilib@@UBE_NXZ
?IsMouseEnabled@CControlUI@duilib@@UBE_NXZ
?IsResourceText@CControlUI@duilib@@UBE_NXZ
?IsRichEvent@CControlUI@duilib@@UBE_NXZ
??1WindowImplBase@duilib@@UAE@XZ
?MessageHandler@WindowImplBase@duilib@@UAEJIIJAA_N@Z
?Move@CControlUI@duilib@@UAEXUtagSIZE@@_N@Z
?OnChar@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@duilib@@UAEJIIJAAH@Z
?OnSysCommand@WindowImplBase@duilib@@UAEJIIJAAH@Z
?Paint@CControlUI@duilib@@UAE_NPAUHDC__@@ABUtagRECT@@PAV12@@Z
?PaintBkColor@CButtonUI@duilib@@UAEXPAUHDC__@@@Z
?PaintBkColor@COptionUI@duilib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@duilib@@UAEXPAUHDC__@@@Z
?PaintBorder@CControlUI@duilib@@UAEXPAUHDC__@@@Z
?PaintForeColor@CControlUI@duilib@@UAEXPAUHDC__@@@Z
?PaintForeImage@CButtonUI@duilib@@UAEXPAUHDC__@@@Z
?PaintForeImage@COptionUI@duilib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CButtonUI@duilib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@COptionUI@duilib@@UAEXPAUHDC__@@@Z
?PaintText@CButtonUI@duilib@@UAEXPAUHDC__@@@Z
?PaintText@COptionUI@duilib@@UAEXPAUHDC__@@@Z
?QueryControlText@WindowImplBase@duilib@@UAEPB_WPB_W0@Z
?ResponseDefaultKeyEvent@WindowImplBase@duilib@@MAEJI@Z
?Selected@COptionUI@duilib@@UAEX_N0@Z
?SetAttribute@CButtonUI@duilib@@UAEXPB_W0@Z
?SetAttribute@COptionUI@duilib@@UAEXPB_W0@Z
?SetAutoCalcHeight@CLabelUI@duilib@@UAEX_N@Z
?SetAutoCalcWidth@CLabelUI@duilib@@UAEX_N@Z
?SetContextMenuUsed@CControlUI@duilib@@UAEX_N@Z
?SetCursor@CControlUI@duilib@@UAEXG@Z
?SetDisabledImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetDragEnable@CControlUI@duilib@@UAEX_N@Z
?SetDropEnable@CControlUI@duilib@@UAEX_N@Z
?SetEnabled@CButtonUI@duilib@@UAEX_N@Z
?SetEnabled@COptionUI@duilib@@UAEX_N@Z
?SetFixedHeight@CControlUI@duilib@@UAEXH@Z
?SetFixedWidth@CControlUI@duilib@@UAEXH@Z
?SetFixedXY@CControlUI@duilib@@UAEXUtagSIZE@@@Z
?SetFloat@CControlUI@duilib@@UAEX_N@Z
?SetFloatAlign@CControlUI@duilib@@UAEXI@Z
?SetFloatPercent@CControlUI@duilib@@UAEXUtagTPercentInfo@2@@Z
?SetFocus@CControlUI@duilib@@UAEXXZ
?SetFocusedImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetHotForeImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetHotImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetInternVisible@CControlUI@duilib@@UAEX_N@Z
?SetKeyboardEnabled@CControlUI@duilib@@UAEX_N@Z
?SetManager@CControlUI@duilib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?SetManager@COptionUI@duilib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?SetMaxHeight@CControlUI@duilib@@UAEXH@Z
?SetMaxWidth@CControlUI@duilib@@UAEXH@Z
?SetMinHeight@CControlUI@duilib@@UAEXH@Z
?SetMinWidth@CControlUI@duilib@@UAEXH@Z
?SetMouseEnabled@CControlUI@duilib@@UAEX_N@Z
?SetName@CControlUI@duilib@@UAEXPB_W@Z
?SetNormalImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetPadding@CControlUI@duilib@@UAEXUtagRECT@@@Z
?SetPos@CControlUI@duilib@@UAEXUtagRECT@@_N@Z
?SetPushedImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetResourceText@CControlUI@duilib@@UAEX_N@Z
?SetRichEvent@CControlUI@duilib@@UAEX_N@Z
?SetSelectedStateImage@COptionUI@duilib@@UAEXPB_W@Z
?SetShortcut@CControlUI@duilib@@UAEX_W@Z
?SetStateImage@CButtonUI@duilib@@UAEXPB_W@Z
?SetTag@CControlUI@duilib@@UAEXI@Z
?SetText@CLabelUI@duilib@@UAEXPB_W@Z
?SetToolTip@CControlUI@duilib@@UAEXPB_W@Z
?SetToolTipWidth@CControlUI@duilib@@UAEXH@Z
?SetUserData@CControlUI@duilib@@UAEXPB_W@Z
?SetVisible@CControlUI@duilib@@UAEX_N@Z
?messageMap@WindowImplBase@duilib@@1UDUI_MSGMAP@2@B
?SetResourceZip@CPaintManagerUI@duilib@@SAXPAXIPB_W@Z
?MessageLoop@CPaintManagerUI@duilib@@SAXXZ
?Term@CPaintManagerUI@duilib@@SAXXZ
?Create@CWindowWnd@duilib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?CenterWindow@CWindowWnd@duilib@@QAEXXZ
??0WindowImplBase@duilib@@QAE@XZ
?FindSubControl@CContainerUI@duilib@@QAEPAVCControlUI@2@PB_W@Z
?SetBkImage@CControlUI@duilib@@QAEXPB_W@Z
?SetBkColor@CControlUI@duilib@@QAEXK@Z
?GetHWND@CWindowWnd@duilib@@QBEPAUHWND__@@XZ
?GetDPIObj@CPaintManagerUI@duilib@@QAEPAVCDPI@2@XZ
?FindControl@CPaintManagerUI@duilib@@QBEPAVCControlUI@2@PB_W@Z
?FindControl@CPaintManagerUI@duilib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?GetCaptionRect@CPaintManagerUI@duilib@@QAE?AUtagRECT@@XZ
?GetPaintWindow@CPaintManagerUI@duilib@@QBEPAUHWND__@@XZ
?SetDPIAwareness@CDPI@duilib@@QAEHW4PROCESS_DPI_AWARENESS@@@Z
?Find@CDuiString@duilib@@QBEHPB_WH@Z
?MakeLower@CDuiString@duilib@@QAEXXZ
?CompareNoCase@CDuiString@duilib@@QBEHPB_W@Z
??8CDuiString@duilib@@QBE_NPB_W@Z
??4CDuiString@duilib@@QAEABV01@PB_W@Z
??BCDuiString@duilib@@QBEPB_WXZ
?GetData@CDuiString@duilib@@QBEPB_WXZ
??1CDuiString@duilib@@QAE@XZ
??0CDuiString@duilib@@QAE@PB_WH@Z
??0CDuiString@duilib@@QAE@ABV01@@Z
?IsVisible@CControlUI@duilib@@UBE_NXZ
??0CDuiString@duilib@@QAE@XZ

configure

ReleaseConfigInst
GetConfigureInst

kernel32

SetEvent
WaitForSingleObject
GetModuleFileNameW
GetCurrentThreadId
GetModuleHandleExW
CreateEventW
GetSystemTimeAsFileTime
GetCommandLineW
GetPrivateProfileIntW
WriteFile
GetCurrentProcessId
SetNamedPipeHandleState
ProcessIdToSessionId
DecodePointer
OutputDebugStringW
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
FindResourceW
LoadLibraryW
SizeofResource
CreateFileW
LoadResource
GetProcAddress
LockResource
FreeResource
GlobalAddAtomW
GetTickCount
GetModuleHandleW

user32

DestroyWindow
PostQuitMessage
UnregisterHotKey
RegisterHotKey
PostMessageW
ShowWindow
OffsetRect
PtInRect
GetMonitorInfoW
EnumDisplayMonitors
SetWindowPos
SetTimer
KillTimer
GetClientRect
GetWindowRect
ScreenToClient
GetWindowLongW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetFolderPathW
ord165

ole32

OleInitialize
CoInitialize
CoUninitialize
OleUninitialize

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr120

?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__clean_type_info_names_internal
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_purecall
memmove
_errno
wcstol
swprintf_s
_CxxThrowException
__CxxFrameHandler3
memcpy
rand
clock
_wcsicmp
??_V@YAXPAX@Z
free
_waccess_s
wcsrchr
_vsnwprintf

shlwapi

PathFileExistsW

Exports

Exports

BDLoadModule
BDReleaseModule

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67773d28d69f727ac1082a2306f55f80

Headers

DLL Characteristics

File Characteristics

Imports

duilib

configure

kernel32

user32

advapi32

shell32

ole32

msvcp120

msvcr120

shlwapi

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 4KB - Virtual size: 3KB