7f278a8f5eaea66319be4e21ba9363bbeacac7df3863851bfc84cf5470978dc9

Sharing

Copy URL Twitter E-mail

General

Target

7f278a8f5eaea66319be4e21ba9363bbeacac7df3863851bfc84cf5470978dc9
Size

1.1MB
MD5

d529dee3b7529ccd1efd5ea85c5c4eeb
SHA1

7b15de37503c7a3a4577158d0623edb97a173f06
SHA256

7f278a8f5eaea66319be4e21ba9363bbeacac7df3863851bfc84cf5470978dc9
SHA512

d58e8f18c025ae57393df4d9e15bd9a5047ad80b25ededb1e7f8b602cbbf6fe30f0fd3a223890cfc58c27fbba8d2b85aee7fda5267f47ef967f064cfc7b9a266
SSDEEP

24576:cB8/4HTZZz/YrouBxWgMmUlnI3ecGV9NuHl1LmWvGG:P4Hfz/EouBxWgMmUlnI33GV9NI1CG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f278a8f5eaea66319be4e21ba9363bbeacac7df3863851bfc84cf5470978dc9

Files

7f278a8f5eaea66319be4e21ba9363bbeacac7df3863851bfc84cf5470978dc9
.exe windows:6 windows x86

6db287305d080271498abd702e3cb7de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetLocalTime
WriteFile
WaitForSingleObject
GetLastError
GetOverlappedResult
CreateEventA
GetTickCount
FindNextFileA
GetVolumeInformationA
GetDriveTypeA
WriteConsoleW
CreateFileW
DecodePointer
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetStringTypeW
SetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetFileSize
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileType
HeapAlloc
HeapFree
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
RaiseException
CloseHandle
CreateFileA
ReadFile
GetModuleFileNameA
CreateDirectoryA
FindClose
FindFirstFileA
lstrcmpA
Sleep
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringA
lstrlenW
lstrcpyW
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
lstrcpyA
DeleteFileA
lstrcatA
GetOEMCP
lstrlenA

user32

SetWindowPos
DestroyWindow
LoadCursorA
PostMessageA
BeginPaint
UpdateWindow
FindWindowA
PeekMessageA
EndPaint
CreateDialogParamA
SetCursor
TranslateMessage
SetFocus
CreateWindowExA
DefWindowProcA
GetWindowRect
DispatchMessageA
LoadImageA
IsWindow
RegisterClassA
MessageBoxA
CallWindowProcA
ShowWindow
LoadIconA
GetDlgItemTextA
EnumDisplaySettingsA
wsprintfA
GetDC
ReleaseDC
AdjustWindowRectEx
EnumDisplayDevicesA
GetSystemMetrics
ChangeDisplaySettingsExA
GetClientRect
GetActiveWindow
SetRect
MoveWindow
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItem
EndDialog
ChangeDisplaySettingsA
GetCapture
ReleaseCapture
ScreenToClient
GetAsyncKeyState
GetCursorPos
GetKeyState
SetWindowLongA
GetWindowTextA
GetWindowLongA
SetWindowTextA
SendMessageA
SetActiveWindow

gdi32

GetStockObject
DeleteObject
CreateFontA
CreateSolidBrush
EnumFontFamiliesA
SetTextAlign
TextOutA
SelectObject
GetGlyphOutlineA
SetBkMode
CreateFontIndirectA
GetTextMetricsA

shell32

ShellExecuteA

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod
timeKillEvent
timeSetEvent
timeGetDevCaps

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileExA
D3DXSaveTextureToFileA
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionMultiply
D3DXMatrixLookAtLH
D3DXCreateTexture

imm32

ImmAssociateContext

emotedriver

?EmoteFilterTexture@@YAXPAEKP6AX0K@Z@Z
?EmoteCreate@@YAPAVIEmoteDevice@@ABUInitParam@1@@Z

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

hid

HidD_GetHidGuid
HidD_GetAttributes

dsound

ord11

Sections

.text
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 102.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db287305d080271498abd702e3cb7de

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

winmm

d3d9

d3dx9_43

imm32

emotedriver

setupapi

hid

dsound

Sections

.text Size: 706KB - Virtual size: 706KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 15KB - Virtual size: 102.2MB

.rsrc Size: 299KB - Virtual size: 298KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 706KB - Virtual size: 706KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 15KB - Virtual size: 102.2MB

.rsrc
Size: 299KB - Virtual size: 298KB

.reloc
Size: 34KB - Virtual size: 34KB