?NXSigningResource@@YAXXZ (MSVC-decorated symbol; demangles to void __cdecl NXSigningResource(void), a name that fits the Siemens NX Open libraries imported below)
Static task: static1
Behavioral task: behavioral1, sample 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114.exe, resource win7-20231023-en
Behavioral task: behavioral2, sample 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114.exe, resource win10v2004-20231023-en
Caveat for the behavioral runs: the import table below names libufun and libufun_cam, the Siemens NX Open C API libraries (UF_initialize, UF_PART_open, UF_CAM_init_session and the other UF_* functions), which a stock Windows sandbox image does not ship. If these are ordinary rather than delay-load imports, the loader rejects the process with STATUS_DLL_NOT_FOUND (0xC0000135) before any of its code runs, so an empty behavioral result says nothing about what the binary does on a host with NX installed.
General
- Target: 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114
- Size: 2.1MB
- MD5: 217e43c99247d852cbc09d8f05cf45a4
- SHA1: 80c51900352b733840dc7955b4c5bfb771e52156
- SHA256: 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114
- SHA512: 0ccc457cb2e442762d4ecedb1e3267c5e56939aa46f3fe8c946ec3fb5352d737657559743718aa261d77a846416d2a67ba85d076f3b5fd27f4faff24af1d0a98
- SSDEEP: 49152:HDOh6fnFr1YGJ6HD/6RYfCzKzi1bgeCiD13EtBd:jOfjSRYf1iB3q
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature. Matched resource: 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114
This is the only signature that fired. It reports that the security data directory carries no embedded signature; a catalog-signed file looks the same to such a check, and an embedded signature, had one been present, would still need validating (signtool verify /pa, or Get-AuthenticodeSignature). Third-party CAD add-ons are frequently distributed unsigned, so on its own this is weak evidence of anything.
Files
- 77feb312a25607a7810fa582693faff06bd1eb581ad68527888fa5f37255b114.exe: windows:5 windows x64 (64-bit Windows PE); 97a9010cae89cf4df0c2b6821feaa226 (32-hex digest in the report's import-hash column; recompute it with pefile's get_imphash() on the file before pivoting on it)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Not set, and worth noting for a 64-bit image: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA (0x0020), so ASLR runs with reduced entropy, and IMAGE_DLLCHARACTERISTICS_GUARD_CF (0x4000), so there is no Control Flow Guard. ASLR and DEP are opted in, and the 51KB .reloc section means the image can actually be relocated.
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
libufun (Siemens NX Open C API, not a Windows system DLL; UF_ is the NX "user function" prefix)
UF_free
UF_PART_save
UF_print_syslog
UF_PART_close_all
UF_ATTR_delete
UF_initialize
UF_OBJ_ask_name
UF_get_fail_message
UF_terminate
UF_PART_set_display_part
UF_PART_open
UF_ATTR_read_value
UF_PART_free_load_status
libufun_cam (NX Open CAM module; also not a Windows system DLL)
UF_PARAM_check
UF_SETUP_ask_program_root
UF_OPER_ask_status
UF_PARAM_generate
UF_NCGROUP_is_group
UF_CAM_init_session
UF_SETUP_ask_setup
UF_CAM_is_session_initialized
UF_NCGROUP_cycle_members
kernel32 (notable below: IsDebuggerPresent, which the MSVC CRT start-up code also imports, so on its own it is not an anti-debug indicator; VirtualAlloc and VirtualProtect, which a protector stub such as the one behind the .vmp0 section needs to change page protections at run time; GetTempPathA, GetTempFileNameA, CopyFileA and DeleteFileA for temp-file staging)
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
VirtualQuery
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
LCMapStringW
GetStringTypeW
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoW
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeW
GetConsoleCP
GetConsoleMode
CompareStringW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
GetFileType
SetStdHandle
RtlPcToFileHeader
RaiseException
HeapReAlloc
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetCommandLineA
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SearchPathA
Sleep
GetProfileIntA
GetTickCount
GetTempPathA
GetTempFileNameA
GetOEMCP
GetCPInfo
GetUserDefaultUILanguage
GetLocaleInfoA
GetACP
GetCurrentDirectoryA
lstrcpyA
GetSystemDirectoryW
GlobalFlags
GetModuleHandleW
GetFullPathNameA
GetCurrentProcess
DuplicateHandle
GetFileSize
HeapQueryInformation
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
WaitForSingleObject
ResumeThread
SetThreadPriority
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
LoadLibraryA
lstrcmpW
FindResourceA
FreeResource
GetCurrentThreadId
lstrcmpA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetModuleFileNameW
ReleaseActCtx
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
MultiByteToWideChar
SetLastError
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
GetProcAddress
FindFirstFileA
FindNextFileA
FindClose
lstrlenA
CloseHandle
GetVolumeInformationA
CreateFileA
DeleteFileA
GetModuleFileNameA
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FreeLibrary
FindResourceW
GetModuleHandleExA
GetSystemDefaultLangID
HeapSize
CreateThread
SetEndOfFile
ExitThread
IsValidCodePage
user32 (the breadth of user32, gdi32 and ole32 imports below, including DefFrameProcA, DefMDIChildProcA, WinHelpA and OleCreateMenuDescriptor, is what a statically linked MFC GUI application pulls in)
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
MapDialogRect
DrawIcon
GetWindowRgn
LoadImageW
LoadImageA
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongPtrA
DestroyAcceleratorTable
SetParent
DestroyIcon
CopyImage
PostQuitMessage
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsIconic
IsZoomed
GetAsyncKeyState
NotifyWinEvent
SetCursor
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
SetWindowRgn
GetSystemMenu
LoadMenuW
DeleteMenu
IntersectRect
OffsetRect
InflateRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
CharUpperA
GetSystemMetrics
GetMessageA
TranslateMessage
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
DrawMenuBar
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
CopyRect
SetWindowLongA
SetWindowPos
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
GetCursorPos
CallNextHookEx
IsWindow
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetClassNameA
DefMDIChildProcA
DefFrameProcA
ShowOwnedPopups
GetNextDlgGroupItem
GetIconInfo
HideCaret
InvertRect
WaitMessage
PostThreadMessageA
CharUpperBuffA
CopyIcon
UnpackDDElParam
ReuseDDElParam
LoadMenuA
InvalidateRect
UpdateWindow
GetClientRect
FillRect
DrawStateA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
FrameRect
RegisterClipboardFormatA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
LockWindowUpdate
gdi32
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
Escape
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
GetTextExtentPoint32A
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
ScaleWindowExtEx
OffsetRgn
GetRgnBox
OffsetWindowOrgEx
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetTextFaceA
SetPixelV
ExtTextOutA
TextOutA
RectVisible
Polygon
SetWindowExtEx
PtVisible
GetPixel
BitBlt
GetWindowExtEx
SetWindowOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateBitmap
CreateDCA
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CopyMetaFileA
SetDIBColorTable
GetDeviceCaps
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SelectObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
shell32
SHAppBarMessage
DragFinish
DragQueryFileA
ShellExecuteA
SHBrowseForFolderA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW
ole32
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
ReleaseStgMedium
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
SysAllocString
VariantTimeToSystemTime
VariantClear
SysFreeString
gdiplus
GdipFree
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
ws2_32 (only WSAStartup and gethostname are imported statically: enough to read the local host name, as licensing and host-ID code does, but no socket, connect or send; any real network I/O would have to be resolved at run time through the LoadLibrary/GetProcAddress imports above)
WSAStartup
gethostname
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
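The 32-hex digest shown beside the file under Files is, in this report layout, the import hash, and recomputing it is how you pivot to related builds. The script below is an added example, not code from this page or from the sandbox: it implements the imphash normalisation rules (module name lower-cased with only .dll/.ocx/.sys stripped, function names lower-cased, ordinals as ordN, tokens joined with commas in import-table order, MD5 of the result) in plain Python over an import table constructed from a subset of the module and function names listed above, in an order I chose, so its digest will not match the report's. It also lists the imported modules that are not Windows system DLLs, which is the detail that decides whether the binary can start on a sandbox image at all. SYSTEM_MODULES is an illustrative baseline of my own, not an authoritative list, and the .dll suffixes on the constructed entries are assumed.

```python
"""Import hash (imphash) as pefile/Mandiant compute it, over an import table
given as (module, [names or ordinals]) in table order, plus the list of
imported modules a stock Windows image cannot supply. Added example; the
table below is constructed from names shown on this page, not extracted."""
import hashlib

STRIP_EXT = ("dll", "ocx", "sys")    # only these suffixes are dropped from the module name
SYSTEM_MODULES = {                   # illustrative baseline (assumption), not an authoritative list
    "kernel32", "user32", "gdi32", "advapi32", "shell32", "ole32", "oleaut32", "comdlg32",
    "comctl32", "shlwapi", "msimg32", "gdiplus", "ws2_32", "oleacc", "imm32", "winmm",
    "winspool.drv", "ntdll", "msvcrt"}


def normalize_module(dll):
    """'KERNEL32.DLL' -> 'kernel32', 'WINSPOOL.DRV' -> 'winspool.drv', 'libufun' -> 'libufun'."""
    name = dll.lower()
    base, _, ext = name.rpartition(".")
    return base if base and ext in STRIP_EXT else name


def import_strings(imports):
    """The exact 'module.function' tokens that are joined with ',' and hashed.
    Order is part of the digest, so the input must keep import-table order."""
    out = []
    for dll, funcs in imports:
        mod = normalize_module(dll)
        for f in funcs:
            # ordinal-only imports hash as ord<N> (pefile additionally resolves known
            # ordinals of ws2_32/oleaut32 to names; that table is not reproduced here)
            fname = f"ord{f}" if isinstance(f, int) else f.lower()
            out.append(f"{mod}.{fname}")
    return out


def imphash(imports):
    return hashlib.md5(",".join(import_strings(imports)).encode()).hexdigest()


def non_system_modules(imports):
    """Modules the loader must find at process start that Windows does not supply."""
    return sorted({normalize_module(d) for d, _ in imports} - SYSTEM_MODULES)


SAMPLE_IMPORTS = [   # constructed subset, in an order I chose; the page's digest will differ
    ("libufun.dll", ["UF_initialize", "UF_PART_open", "UF_terminate"]),
    ("libufun_cam.dll", ["UF_CAM_init_session", "UF_PARAM_generate"]),
    ("KERNEL32.dll", ["IsDebuggerPresent", "VirtualAlloc", "VirtualProtect", "CreateThread"]),
    ("ADVAPI32.dll", ["RegOpenKeyExA", "RegSetValueExA"]),
    ("WINSPOOL.DRV", ["OpenPrinterA", "ClosePrinter"]),
    ("WS2_32.dll", ["WSAStartup", "gethostname"]),
]

if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    print("non-system modules:", non_system_modules(SAMPLE_IMPORTS))
```

Two properties matter when comparing against a published imphash: the digest is case-insensitive (the normalisation lower-cases everything) but order-sensitive, so a rebuilt binary whose linker emitted the same imports in a different order hashes differently, and winspool.drv keeps its suffix because .drv is not on the strip list.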
Exports
Sections
.text: Size: 1.4MB, Virtual size: 1.4MB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: Size: 510KB, Virtual size: 510KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: Size: 31KB, Virtual size: 79KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE (virtual size larger than raw size: zero-initialised data, which is normal)
.pdata: Size: 73KB, Virtual size: 73KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
text: Size: 3KB, Virtual size: 2KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE (non-standard name without the leading dot; executable yet carrying neither IMAGE_SCN_CNT_CODE nor IMAGE_SCN_MEM_READ, which is unusual)
data: Size: 2KB, Virtual size: 1KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ (same non-standard naming)
.vmp0: Size: 76KB, Virtual size: 75KB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ (.vmp0 is the section name VMProtect writes; with the VirtualProtect import this points to a VMProtect-style protection layer, and the section's small size next to a 1.4MB .text is consistent with only selected routines being virtualised rather than the whole image being packed, so static disassembly of those routines will be unreliable while the rest reads normally)
.reloc: Size: 51KB, Virtual size: 50KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc: Size: 1KB, Virtual size: 1KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
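The Unsigned PE signature, the DLL Characteristics list and the section table above are all read from the same few hundred header bytes, and a practitioner usually wants to reproduce them, plus the checks the report does not make, without trusting a sandbox's interpretation. The script below is an added example, not the sandbox's or the page's own code: it builds a headers-only PE32+ image in memory whose flags and section table mirror those listed on this page (constructed data, not the analysed file; build_pe64 exists only so the example runs offline), parses it with struct, and reports whether the security data directory is populated (presence only, not validity), which mitigation opt-ins are missing (HIGH_ENTROPY_VA and GUARD_CF here) and section anomalies (the .vmp0 protector section, and the executable-but-not-readable text section). EXPECTED_MITIGATIONS and PACKER_SECTIONS are my own lists.

```python
"""Header triage for a PE32+ image: embedded Authenticode presence,
mitigation opt-ins and section anomalies. Added example: the image built
by sample_image() mirrors the flags reported on this page, it is not the file."""
import struct

DLLCHAR = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
           0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF",
           0x8000: "TERMINAL_SERVER_AWARE"}       # IMAGE_DLLCHARACTERISTICS_* (winnt.h)
EXPECTED_MITIGATIONS = ("DYNAMIC_BASE", "NX_COMPAT", "HIGH_ENTROPY_VA", "GUARD_CF")  # my policy
CNT_CODE, CNT_IDATA = 0x20, 0x40                                      # IMAGE_SCN_CNT_*
MEM_EXEC, MEM_READ, MEM_WRITE = 0x20000000, 0x40000000, 0x80000000   # IMAGE_SCN_MEM_*
PACKER_SECTIONS = {".vmp0", ".vmp1", ".vmp2", "UPX0", "UPX1", ".themida"}  # my list


def build_pe64(dll_chars, sections, security_dir=(0, 0), file_chars=0x0022):
    """Assemble a headers-only PE32+ image. sections: (name, vsize, rawsize, chars)."""
    sections = list(sections)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)             # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 240, file_chars)
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",            # IMAGE_OPTIONAL_HEADER64
                      0x20B, 14, 0, 0, 0, 0, 0x1000, 0x1000, 0x140000000, 0x1000, 0x200,
                      6, 0, 0, 0, 6, 0, 0, 0x10000, 0x400, 0, 2, dll_chars,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    dirs[4] = security_dir   # IMAGE_DIRECTORY_ENTRY_SECURITY: (file offset, size) of WIN_CERTIFICATE
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0x1000 * (i + 1), rs, 0x400,
                                0, 0, 0, 0, ch) for i, (n, vs, rs, ch) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + hdrs


def sample_image():
    """Constructed: DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, no signature,
    and the section names/characteristics listed in this report (sizes in KB)."""
    k = 1024
    return build_pe64(0x0040 | 0x0100 | 0x8000, [
        (".text", 1400 * k, 1400 * k, CNT_CODE | MEM_EXEC | MEM_READ),
        (".rdata", 510 * k, 510 * k, CNT_IDATA | MEM_READ),
        (".data", 79 * k, 31 * k, CNT_IDATA | MEM_READ | MEM_WRITE),
        ("text", 2 * k, 3 * k, CNT_IDATA | MEM_EXEC),               # no MEM_READ, no CNT_CODE
        (".vmp0", 75 * k, 76 * k, CNT_CODE | CNT_IDATA | MEM_EXEC | MEM_READ),
        (".rsrc", k, k, CNT_IDATA | MEM_READ)])


def parse_pe64(data):
    """Return (DllCharacteristics, security directory size, [(name, vsize, rawsize, chars)])."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x20B:
        raise ValueError("not a PE32+ image")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 108)[0]
    sec_size = struct.unpack_from("<II", data, opt + 112 + 4 * 8)[1] if ndirs > 4 else 0
    sections = []
    for i in range(nsec):
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((f[0].rstrip(b"\0").decode("latin-1"), f[1], f[3], f[9]))
    return dll_chars, sec_size, sections


def triage(data):
    dll_chars, sec_size, sections = parse_pe64(data)
    mitigations = [n for bit, n in DLLCHAR.items() if dll_chars & bit]
    findings = []
    if sec_size == 0:    # presence only: a populated directory is not yet a valid signature
        findings.append("no embedded Authenticode signature")
    findings += [f"mitigation not opted in: {n}" for n in EXPECTED_MITIGATIONS if n not in mitigations]
    for name, vsize, rsize, ch in sections:
        if name in PACKER_SECTIONS:
            findings.append(f"{name}: protector/packer section name")
        if ch & MEM_EXEC and ch & MEM_WRITE:
            findings.append(f"{name}: writable and executable")
        if ch & MEM_EXEC and not ch & MEM_READ:
            findings.append(f"{name}: executable but not readable")
        if ch & MEM_EXEC and not ch & CNT_CODE:
            findings.append(f"{name}: executable but not flagged as code")
        if ch & MEM_EXEC and rsize == 0 and vsize:
            findings.append(f"{name}: executable but empty on disk (unpack target)")
    return {"signed": sec_size != 0, "mitigations": mitigations, "findings": findings}


if __name__ == "__main__":     # on a real file: triage(open(path, "rb").read())
    print("\n".join(triage(sample_image())["findings"]))
```

On a real file the only change is feeding the bytes of the binary to triage(); the "signed" flag then tells you whether there is anything for signtool to verify, not whether it verifies.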