2f0d1b8407e6f390b4b1690a722cd2081470104d64c8c10c20b3d38c8a84a41e

Sharing

Copy URL Twitter E-mail

General

Target

2f0d1b8407e6f390b4b1690a722cd2081470104d64c8c10c20b3d38c8a84a41e
Size

6.2MB
MD5

28d6aa31bfeeaf7828982d1cbf39920c
SHA1

b7497b5aeb8ab00e6d4be68d3b883f2568069679
SHA256

2f0d1b8407e6f390b4b1690a722cd2081470104d64c8c10c20b3d38c8a84a41e
SHA512

ba7ec415896549d1f30b9256a43fd1be51866d0794dcff2226cef423d5731df62975f841c2c4b4ea70fdd41fff8a6a96dc3a30fab4a725c327694a5c41469b19
SSDEEP

98304:MEvY0U04hm4yZXDta7JQO+kA1su7+aMka9kXKaQU65MkIwFGXtppd1KaAXW+nqj:MEvHXzTAovscMBgKaUZIFp2XWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f0d1b8407e6f390b4b1690a722cd2081470104d64c8c10c20b3d38c8a84a41e

Files

2f0d1b8407e6f390b4b1690a722cd2081470104d64c8c10c20b3d38c8a84a41e
.dll windows:5 windows x64

29e1c7006523ab3115a10705e2c3929a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libufun

UF_translate_variable

libugopenint

uc1601

kernel32

CreateSemaphoreA
ReleaseSemaphore
CheckRemoteDebuggerPresent
GetComputerNameA
PostQueuedCompletionStatus
CreateIoCompletionPort
GetQueuedCompletionStatus
ReadDirectoryChangesW
GetLongPathNameW
QueueUserWorkItem
SetNamedPipeHandleState
UnregisterWait
CreateNamedPipeW
WaitNamedPipeW
SwitchToThread
ConnectNamedPipe
RegisterWaitForSingleObject
PeekNamedPipe
SetHandleInformation
GetExitCodeProcess
UnregisterWaitEx
CancelIo
ReadConsoleA
WriteConsoleInputW
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
SetConsoleTextAttribute
ReadConsoleInputW
GetNumberOfConsoleInputEvents
QueryPerformanceFrequency
FindResourceW
LoadResource
WaitForSingleObject
WideCharToMultiByte
SizeofResource
ReadFile
LockResource
CloseHandle
CreateFileA
GetFileSize
SetFilePointer
FreeLibrary
GetEnvironmentVariableA
GetProcAddress
CopyFileA
GetPrivateProfileStringA
LoadLibraryA
GetModuleHandleA
GetModuleHandleExA
FindFirstFileA
FindClose
GetModuleFileNameA
DeviceIoControl
GetVersionExA
lstrlenA
FormatMessageA
LocalFree
GetCurrentProcess
GetModuleHandleW
GetSystemDirectoryA
GetLastError
GetSystemInfo
MultiByteToWideChar
SetLastError
MulDiv
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
lstrcmpA
DeactivateActCtx
ActivateActCtx
GetCurrentProcessId
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
LocalAlloc
TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
CreateEventA
SetErrorMode
GlobalGetAtomNameA
CompareStringA
lstrcmpiA
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
FreeResource
FindResourceA
GlobalFlags
GetLocaleInfoA
GetUserDefaultUILanguage
GetCPInfo
GetOEMCP
GetSystemDirectoryW
lstrcpyA
GetACP
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
FlsSetValue
GetCommandLineA
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
VirtualAlloc
SetThreadStackGuarantee
VirtualQuery
SetStdHandle
GetFileType
ExitThread
CreateThread
HeapSize
HeapQueryInformation
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetTimeZoneInformation
IsValidCodePage
FlsGetValue
FlsFree
FlsAlloc
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
CompareStringW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
IsBadReadPtr
ProcessIdToSessionId
LeaveCriticalSection
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos
GetMessageTime
SetWindowLongPtrA
GetWindowLongPtrA
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
SetFocus
IsWindow
RemovePropA
GetPropA
SetPropA
GetClassLongPtrA
GetClassNameA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
LoadIconW
RegisterWindowMessageA
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
ClientToScreen
RealChildWindowFromPoint
GetDesktopWindow
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
DestroyIcon
InflateRect
GetMenuItemInfoA
DestroyMenu
SystemParametersInfoA
PostQuitMessage
CopyImage
SetRectEmpty
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
IntersectRect
IsIconic
InvalidateRect
SetCursor
ShowOwnedPopups
DeleteMenu
IsRectEmpty
OffsetRect
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
WindowFromPoint
NotifyWinEvent
GetAsyncKeyState
SetClassLongPtrA
LoadMenuW
GetWindowPlacement
SetCapture
ReleaseCapture
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetNextDlgTabItem
LoadImageA
GetNextDlgGroupItem
EndDialog
CreateDialogIndirectParamA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
GetWindowLongA
PeekMessageA
PostMessageA
DispatchMessageA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetMenu
CopyRect
SetWindowPos
PtInRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
CharUpperA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowTextLengthA
GetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetIconInfo
SetWindowPlacement
GetSystemMetrics
SetTimer
KillTimer
SendMessageA
GetSystemMenu
SetWindowLongA

gdi32

SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetRgnBox
GetTextFaceA
SetPixelV
SetBkColor
GetObjectA
DeleteObject
OffsetRgn
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
GetSystemPaletteEntries
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DPtoLP
PatBlt
SetTextColor
CreateBitmap
CreateDCA
GetTextExtentPoint32A
CreateDIBitmap
CreateCompatibleBitmap
CopyMetaFileA
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathIsDirectoryA

ole32

CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoSetProxyBlanket
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString
VariantInit
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
VariantClear

ws2_32

listen
WSARecv
socket
bind
shutdown
WSASend
setsockopt
WSAIoctl
select
WSASocketW
htons
inet_addr
WSADuplicateSocketW
WSARecvFrom
WSAGetLastError
WSASetLastError
closesocket
WSAStartup
FreeAddrInfoW
ioctlsocket

iphlpapi

GetAdaptersInfo

sense4

S4VerifyPin
S4Close
S4ChangeDir
S4Execute
S4Enum
S4Control
S4Open

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageI
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipSetInterpolationMode
GdipGetImageGraphicsContext

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

quick_cam_check_dog4
quick_cam_check_dog5
quick_cam_check_lic_module

Sections

.text
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 836KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mark
Size: - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.La6
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.X=s
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.=~l
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29e1c7006523ab3115a10705e2c3929a

Headers

DLL Characteristics

File Characteristics

Imports

libufun

libugopenint

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

ws2_32

iphlpapi

sense4

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: - Virtual size: 6.5MB

.rdata Size: - Virtual size: 836KB

.data Size: - Virtual size: 209KB

.pdata Size: - Virtual size: 84KB

text Size: - Virtual size: 5KB

data Size: - Virtual size: 11KB

.mark Size: - Virtual size: 336B

.La6 Size: - Virtual size: 1.6MB

.X=s Size: 6KB - Virtual size: 6KB

.=~l Size: 6.1MB - Virtual size: 6.1MB

.reloc Size: 512B - Virtual size: 180B

.rsrc Size: 85KB - Virtual size: 179KB

.text
Size: - Virtual size: 6.5MB

.rdata
Size: - Virtual size: 836KB

.data
Size: - Virtual size: 209KB

.pdata
Size: - Virtual size: 84KB

text
Size: - Virtual size: 5KB

data
Size: - Virtual size: 11KB

.mark
Size: - Virtual size: 336B

.La6
Size: - Virtual size: 1.6MB

.X=s
Size: 6KB - Virtual size: 6KB

.=~l
Size: 6.1MB - Virtual size: 6.1MB

.reloc
Size: 512B - Virtual size: 180B

.rsrc
Size: 85KB - Virtual size: 179KB