762a0afcf2768b0e218d698016d1c722d920276033b384fb0bfc60e58d12b040

Sharing

Copy URL Twitter E-mail

General

Target

762a0afcf2768b0e218d698016d1c722d920276033b384fb0bfc60e58d12b040
Size

395KB
MD5

7bdb98d9632cee279f85d306258d5979
SHA1

919669114dee284a2929c53a9c224d8216162205
SHA256

762a0afcf2768b0e218d698016d1c722d920276033b384fb0bfc60e58d12b040
SHA512

138033fce18f4a1fe169f12c05628b079d2ab86206bccfb799019c94fc03a0a70647bba7d970dd2d3a4f6cc81611eed658488686801748aae662d0639320bc1a
SSDEEP

6144:wIXKLnl8F3jygh0qTQkE6FhZT4EQoFigASJp5US:DKLnkwq0k5KKb5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
762a0afcf2768b0e218d698016d1c722d920276033b384fb0bfc60e58d12b040

Files

762a0afcf2768b0e218d698016d1c722d920276033b384fb0bfc60e58d12b040
.dll windows:6 windows x64

cce3bc1b54075d92cc5215eb2d6de248

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VerifyVersionInfoW
GetLastError
GetProcAddress
HeapSize
EnterCriticalSection
GlobalFree
DecodePointer
lstrcmpiW
lstrcatW
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
LocalFree
lstrcpyW
GetTickCount64
CreateMutexW
InitializeCriticalSectionAndSpinCount
ReleaseMutex
FindFirstFileW
FlushInstructionCache
SetLastError
FindClose
FindNextFileW
SetNamedPipeHandleState
CreateFileMappingW
ReadFile
lstrcpynW
Sleep
WaitNamedPipeW
UnmapViewOfFile
MapViewOfFile
PeekNamedPipe
GetLocalTime
Beep
RaiseException
GlobalUnlock
lstrlenW
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetStringTypeW
EncodePointer
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
InitializeCriticalSectionEx
MultiByteToWideChar
lstrcmpW
CreateFileW
GetModuleFileNameW
MulDiv
GetExitCodeProcess
LeaveCriticalSection
LoadLibraryW
GlobalAlloc
WriteFile
GetProcessHeap
GetModuleHandleW
GlobalLock
HeapFree
HeapReAlloc
GetCurrentProcess
VerSetConditionMask
HeapAlloc
FreeLibrary
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetFileSize
IsDebuggerPresent
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers
OpenFileMappingW

user32

IsWindow
KillTimer
SetTimer
SetWindowPos
MonitorFromRect
ReleaseCapture
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetCursor
SetCapture
MonitorFromPoint
OffsetRect
SetWindowLongW
GetWindowLongW
GetWindowTextW
EndPaint
DestroyWindow
ScreenToClient
LoadCursorW
GetWindowLongPtrW
GetClientRect
BeginPaint
GetClassInfoExW
RegisterClassExW
UpdateLayeredWindow
InvalidateRect
RedrawWindow
GetCursorPos
ShowWindow
SetWindowLongPtrW
UpdateWindow
CallWindowProcW
DefWindowProcW
CheckMenuItem
LoadImageW
ClientToScreen
GetWindowRect
InflateRect
SetRect
IntersectRect
IsWindowVisible
IsRectEmpty
VkKeyScanW
GetKeyState
GetKeyboardState
ToUnicode
SendInput
DrawTextW
TrackPopupMenu
UnregisterClassW
GetFocus
PtInRect
wsprintfW
GetDC
SetKeyboardState
SetCursorPos
AppendMenuW
SystemParametersInfoW
GetClassNameW
ReleaseDC
MapVirtualKeyExW
MonitorFromWindow
GetDesktopWindow
CreatePopupMenu
CreateWindowExW
GetSystemMetrics
DestroyMenu
GetMonitorInfoW
TrackPopupMenuEx

gdi32

CreateDIBSection
GetTextExtentPoint32W
BitBlt
SetViewportOrgEx
DeleteObject
CreateCompatibleDC
SetBkMode
DeleteDC
CreateFontIndirectW
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
SetTextColor

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoInitializeEx
CLSIDFromString
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit
SysAllocStringLen
SysAllocString

shlwapi

PathFindFileNameW
StrChrW
PathRemoveFileSpecW
PathStripPathW
PathAppendW
PathFileExistsW

gdiplus

GdipGetGenericFontFamilySansSerif
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipAddPathArc
GdipAddPathLine
GdipCreatePath
GdipImageRotateFlip
GdipCloneBitmapArea
GdipDrawImageRectRectI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPageUnit
GdipGetCompositingQuality
GdipGetInterpolationMode
GdipGetPageUnit
GdipCreateBitmapFromStream
GdipSetWorldTransform
GdipRotateMatrix
GdipTranslateMatrix
GdipGetWorldTransform
GdipDeleteMatrix
GdipCreateMatrix
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipGetLogFontW
GdipMeasureString
GdipGetTextRenderingHint
GdipSetPenColor
GdipDrawRectangleI
GdipSetPenMode
GdipFillRectangleI
GdipDeletePath
GdipDrawPath
GdipFillPath
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipGetPixelOffsetMode
GdipGetSmoothingMode
GdipDeletePen
GdipDrawLineI
GdipCreatePen1
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipCreateFromHDC
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipFree
GdiplusShutdown

msimg32

AlphaBlend

d2d1

ord1
ord2

dwrite

DWriteCreateFactory

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce3bc1b54075d92cc5215eb2d6de248

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

msimg32

d2d1

dwrite

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 224KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 11KB - Virtual size: 22KB

.pdata Size: 12KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 224KB - Virtual size: 224KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 11KB - Virtual size: 22KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 3KB - Virtual size: 2KB