Static task: static1
Behavioral task: behavioral1
- Sample: 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924.exe
- Resource: win7-20231025-en
Behavioral task: behavioral2
- Sample: 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924.exe
- Resource: win10v2004-20231020-en
General
- Target: 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924
- Size: 2.4MB
- MD5: 64f79340bd74afa6c1d773c7ae7f0071
- SHA1: c8f0a6615496adb1958c699a718088e7819c46f0
- SHA256: 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924
- SHA512: 765eae723686eaa8785ad802d1586997afab2717d3485614c398ff7446fbdbdc22cc6785931ad60cfd2704c54372e0e31ef83fa7a53dc76815b3a12edfc9a89d
- SSDEEP: 49152:JEaGGgL8K9AHBV7Gc0pEJ6qnceHQFnXGoRUO5dSCBxMqja8dh:JTq/InKZXGoRUxCBxM
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924
Files
- 13e2630446fe59a17ee0ad5d0902d2f5e9901bf6cfb310852e8a1a44653e5924.exe windows:6 windows x64
  d7470ed3a5e221fbf8535c578bc8d449
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
libufun
UF_get_fail_message
UF_free
UF_PART_save
UF_print_syslog
UF_PART_set_display_part
UF_OBJ_ask_name
UF_terminate
UF_ATTR_read_value
UF_PART_open
UF_PART_close_all
UF_ATTR_delete
UF_initialize
UF_PART_free_load_status
libufun_cam
UF_PARAM_generate
UF_SETUP_ask_program_root
UF_NCGROUP_is_group
UF_OPER_ask_status
UF_SETUP_ask_setup
UF_NCGROUP_cycle_members
UF_PARAM_check
UF_CAM_init_session
UF_CAM_is_session_initialized
kernel32
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetTickCount
SearchPathA
GetWindowsDirectoryA
FindResourceExW
GetTempPathA
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetVersionExA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
ResumeThread
SetThreadPriority
GetStringTypeW
WaitForSingleObject
SetEvent
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
GetTempFileNameA
Sleep
GlobalFlags
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
GetFullPathNameW
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
FlushFileBuffers
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CompareStringA
QueryActCtxW
FindActCtxSectionStringW
GetCommandLineW
HeapQueryInformation
QueryPerformanceFrequency
ExitProcess
GetStdHandle
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetProfileIntA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetCurrentProcessId
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleA
SetLastError
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
CloseHandle
CreateFileA
GetVolumeInformationA
FreeLibrary
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
DeleteFileA
GetLastError
GetModuleHandleExA
HeapSize
GetSystemDefaultLangID
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetModuleFileNameA
CompareStringW
LCMapStringW
GetDriveTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetCurrentDirectoryW
CreateFileW
WriteConsoleW
user32
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetIconInfo
GetDoubleClickTime
WaitMessage
PostThreadMessageA
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
ModifyMenuA
CharUpperBuffA
RegisterClipboardFormatA
LoadImageA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
ShowOwnedPopups
LoadImageW
SetClassLongPtrA
LockWindowUpdate
BringWindowToTop
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsRectEmpty
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
IntersectRect
WindowFromPoint
SetCursor
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
LoadMenuW
SetTimer
ReleaseCapture
SetCapture
IsZoomed
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
PostQuitMessage
OffsetRect
CopyImage
InflateRect
GetMenuItemInfoA
DestroyMenu
EnumDisplayMonitors
DrawMenuBar
LoadCursorW
SetRectEmpty
SetLayeredWindowAttributes
TranslateMessage
GetMessageA
CharUpperA
LoadCursorA
GetSysColorBrush
GetSystemMetrics
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
ClientToScreen
GetCursorPos
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
GetWindowRgn
GetComboBoxInfo
DestroyCursor
DrawIcon
InvertRect
HideCaret
GetNextDlgGroupItem
SystemParametersInfoA
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CreateMenu
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
GetClassNameA
FillRect
GetClientRect
InvalidateRect
UpdateWindow
DrawStateA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
IsWindowEnabled
SendMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
UnhookWindowsHookEx
EnableWindow
MessageBoxA
KillTimer
gdi32
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectA
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
GetTextMetricsA
GetTextExtentPoint32A
CreateRoundRectRgn
CreateDIBSection
CombineRgn
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExA
RealizePalette
SetPixel
StretchBlt
TextOutA
GetRgnBox
OffsetRgn
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
SetROP2
SetPolyFillMode
GetLayout
MoveToEx
SetTextAlign
SetDIBColorTable
CopyMetaFileA
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
SetTextColor
SetBkColor
GetObjectA
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCA
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
DragFinish
SHGetFileInfoA
shlwapi
PathFindExtensionA
PathIsUNCA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
PathStripToRootA
uxtheme
IsAppThemed
CloseThemeData
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
DrawThemeParentBackground
OpenThemeData
DrawThemeText
ole32
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoUninitialize
CoTaskMemFree
RevokeDragDrop
CoTaskMemAlloc
CoInitialize
CoDisconnectObject
ReleaseStgMedium
CoCreateInstance
oleaut32
SysAllocString
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipCloneImage
GdiplusStartup
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipGetImageGraphicsContext
GdipDisposeImage
GdipGetImageHeight
GdipGetImagePixelFormat
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusShutdown
ws2_32
gethostname
WSAStartup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Exports
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 499KB - Virtual size: 498KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 972B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ