7297001b37171ac62524ef2012cc07d514c6004d975a8be1fd02167dafb50e43

Sharing

Copy URL Twitter E-mail

General

Target

7297001b37171ac62524ef2012cc07d514c6004d975a8be1fd02167dafb50e43
Size

5.2MB
MD5

9c40363d845fe25d47e99e63e284df90
SHA1

ba103accf6c0d1588d8a66a8310b23fd007a45fe
SHA256

7297001b37171ac62524ef2012cc07d514c6004d975a8be1fd02167dafb50e43
SHA512

8cc128ae21242aca8818113bfd386a93ec313512084ed2a4d950cdc02ee47488c16fc4b0667d67f9ea98ee55d82e6fb71d9963d998029e5e12ae7bdce687daf1
SSDEEP

49152:aLU+8q0JPPnBK56b/uts/3c57l6QHHlGRNiocCrjeXZSkYSLXwstJNQL7ZESHOtW:FTyts/8fFxYSrwul1OUV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7297001b37171ac62524ef2012cc07d514c6004d975a8be1fd02167dafb50e43

Files

7297001b37171ac62524ef2012cc07d514c6004d975a8be1fd02167dafb50e43
.dll windows:5 windows x64

48c01d7a2f45b9f74f92f5d1a3250355

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

kernel32

RtlCaptureContext
TerminateProcess
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
IsValidCodePage
LCMapStringW
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
CompareStringW
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
RtlVirtualUnwind
SetEnvironmentVariableA
GetCurrentDirectoryW
GetDriveTypeW
GetTimeFormatA
GetDateFormatA
DeleteFileW
FindNextFileA
CreateDirectoryW
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetSystemDirectoryA
MoveFileW
GetLocalTime
OutputDebugStringA
SleepEx
QueueUserAPC
IsDebuggerPresent
SetUnhandledExceptionFilter
GetLocaleInfoW
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
WideCharToMultiByte
GetCurrentThreadId
MultiByteToWideChar
CloseHandle
WriteFile
CreateFileA
ReadFile
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
WaitForSingleObject
SetEvent
ResetEvent
SetLastError
CancelIo
GetOverlappedResult
CreateEventA
SetThreadPriority
ResumeThread
DeviceIoControl
lstrlenA
MulDiv
lstrlenW
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
CreateMutexA
ReleaseMutex
GetStdHandle
FlsAlloc
FlsFree
FlsGetValue
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
ExitProcess
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
GetCommandLineA
FlsSetValue
CreateThread
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapAlloc
HeapFree
EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
DeactivateActCtx
ActivateActCtx
GetModuleFileNameA
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
GetACP
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiA
FindResourceA
FreeResource
GlobalFindAtomA
lstrcmpW
DeleteFileA
GlobalFlags
GetVersionExA
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetCurrentDirectoryA
FileTimeToSystemTime
GlobalGetAtomNameA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
TlsGetValue
LocalAlloc
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
LoadLibraryA
lstrcmpA
GetModuleHandleW
GetProcAddress
FreeLibrary
GetCurrentProcessId
UnhandledExceptionFilter

user32

LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetMenuDefaultItem
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CopyImage
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongPtrA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoA
IntersectRect
InflateRect
CharUpperA
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
RegisterClipboardFormatA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
MessageBoxA
wsprintfA
UnregisterDeviceNotification
RegisterDeviceNotificationA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetDesktopWindow
RealChildWindowFromPoint
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetIconInfo
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
MapDialogRect
DrawIcon
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
GetUpdateRect
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
SendMessageA
GetWindowThreadProcessId
DestroyCursor
GetWindowRgn
LoadIconW
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
ShowOwnedPopups
UnhookWindowsHookEx
UnregisterClassA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
DeleteMenu
CopyRect
SetRectEmpty
GetMonitorInfoA
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW

gdi32

DeleteObject
SelectClipRgn
CreateRectRgn
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
DPtoLP
GetTextExtentPoint32A
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
GetLayout
SetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
PatBlt
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ImageList_GetIconSize

ole32

DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree

oleaut32

VariantClear
VariantChangeType
SysStringLen
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
VariantInit
SysAllocString
SysAllocStringLen

ws2_32

htonl

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipBitmapLockBits
GdipCloneImage
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

shlwapi

PathIsRelativeA
PathIsDirectoryA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

winmm

PlaySoundA

Exports

Exports

CameraInit
CameraPlay
CameraStop
CameraUpdate
DisplayImage
EnableTestMode
SaveParams
StartVideo

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mvp0
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48c01d7a2f45b9f74f92f5d1a3250355

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

ws2_32

gdiplus

oleacc

imm32

shlwapi

winmm

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 116KB - Virtual size: 167KB

.pdata Size: 111KB - Virtual size: 110KB

text Size: 10KB - Virtual size: 10KB

data Size: 23KB - Virtual size: 23KB

.mvp0 Size: 222KB - Virtual size: 222KB

.reloc Size: 312KB - Virtual size: 312KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 116KB - Virtual size: 167KB

.pdata
Size: 111KB - Virtual size: 110KB

text
Size: 10KB - Virtual size: 10KB

data
Size: 23KB - Virtual size: 23KB

.mvp0
Size: 222KB - Virtual size: 222KB

.reloc
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 12KB - Virtual size: 12KB