4123e73c202b58e2fb478f4754796c9c77d37e1efb907ea4e41953c9be898b01

Sharing

Copy URL

Twitter E-mail

General

Target

4123e73c202b58e2fb478f4754796c9c77d37e1efb907ea4e41953c9be898b01
Size

5.7MB
MD5

4d20fb127f11b77d141258df9cdae86b
SHA1

333a9b81c2a1c7d21f0d30d46aa3720943d21814
SHA256

4123e73c202b58e2fb478f4754796c9c77d37e1efb907ea4e41953c9be898b01
SHA512

62664126b94048323663acd08c5d25be08f5ef72fa87e80d991997cfd5bb72c954c5b6588edecfc076a8cc7c1b0ec28438641efe319b0d2e923af2e644c907d9
SSDEEP

98304:rBXi7DBWwSaxLYl7G/VbBIDDlELxkYQPrLung1t88S/fFuTb+Z5NNXs9dBNNNWYW:1Xi7DBWwSaxAuVbOE+N16FuTbYNNQBN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4123e73c202b58e2fb478f4754796c9c77d37e1efb907ea4e41953c9be898b01

Files

4123e73c202b58e2fb478f4754796c9c77d37e1efb907ea4e41953c9be898b01
.dll windows:5 windows x86

978bf3ff56dc1eb55613d50d74a38534

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathIsDirectoryA
PathIsRelativeA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

winmm

PlaySoundA

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoW
IsValidCodePage
GetLocaleInfoW
LCMapStringW
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
TerminateProcess
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
GetDriveTypeW
CreateFileW
SetEnvironmentVariableA
DeleteFileW
FindNextFileA
InterlockedCompareExchange
CreateDirectoryW
GetSystemDirectoryA
MoveFileW
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetDateFormatA
GetTimeFormatA
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
SleepEx
ExitProcess
VirtualQuery
CompareStringW
GetSystemInfo
VirtualAlloc
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateEventA
WaitForSingleObject
SetEvent
ResetEvent
PulseEvent
QueueUserAPC
WaitForSingleObjectEx
SetFilePointer
ReadFile
WriteFile
GetLastError
CancelIo
GetOverlappedResult
GetLocalTime
QueryPerformanceFrequency
OutputDebugStringA
SetThreadPriority
InitializeCriticalSectionAndSpinCount
CreateMutexA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetProcAddress
InterlockedDecrement
WaitForMultipleObjectsEx
InterlockedIncrement
ReleaseMutex
lstrlenA
MulDiv
lstrlenW
LocalFree
GetCommandLineA
FindFirstFileExA
GetDriveTypeA
HeapReAlloc
CreateThread
ExitThread
EncodePointer
DecodePointer
HeapAlloc
GetSystemTimeAsFileTime
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
SetLastError
lstrcmpA
InterlockedExchange
FreeLibrary
GetModuleHandleW
DeactivateActCtx
LoadLibraryA
GetTimeZoneInformation
RaiseException
HeapFree
RtlUnwind
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
GetACP
GetOEMCP
GetCPInfo
ActivateActCtx
CompareStringA
LoadLibraryExA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
FindResourceA
FreeResource
GlobalFindAtomA
lstrcmpW
DeleteFileA
GlobalFlags
GetVersionExA
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetCurrentDirectoryA
FileTimeToSystemTime
GlobalGetAtomNameA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
GlobalDeleteAtom
GetCurrentThread
GetModuleFileNameA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA

user32

GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
GetNextDlgGroupItem
HideCaret
InvertRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetIconInfo
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CopyImage
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
MessageBoxA
IntersectRect
IsRectEmpty
OffsetRect
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
GetClassInfoA
DefWindowProcA
MapWindowPoints
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
SendMessageA
OpenClipboard
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
ShowOwnedPopups
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
UnhookWindowsHookEx
UnregisterClassA
GetWindowTextA
GetWindowTextLengthA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
GetSysColor
GetSysColorBrush
GetSystemMetrics
LoadCursorA
DeleteMenu
CopyRect
SetRectEmpty
GetMonitorInfoA
SystemParametersInfoA
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
GetClientRect

gdi32

DeleteObject
SelectClipRgn
CreateRectRgn
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
DPtoLP
GetTextExtentPoint32A
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
GetLayout
SetLayout
SetTextAlign
MoveToEx
LineTo
GetDeviceCaps
CopyMetaFileA
CreateDCA
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
PatBlt

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteA
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
DragFinish
SHGetFileInfoA

comctl32

ImageList_GetIconSize

ole32

CoInitializeEx
CoUninitialize
CoInitialize
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateGuid

oleaut32

SysAllocString
VariantInit
VarBstrFromDate
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

iphlpapi

GetIpNetTable
GetAdaptersInfo
GetIpAddrTable

ws2_32

ioctlsocket
htonl
inet_ntoa
__WSAFDIsSet
WSACleanup
setsockopt
WSAStartup
WSAGetLastError
recvfrom
select
ntohl
sendto
htons
getsockname
bind
inet_addr
socket
closesocket
ntohs

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Exports

Exports

CameraInit
CameraPlay
CameraStop
CameraUpdate
DisplayImage
EnableTestMode
SaveParams

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 596KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mvp0
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

978bf3ff56dc1eb55613d50d74a38534

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

winmm

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

setupapi

iphlpapi

ws2_32

gdiplus

oleacc

imm32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.text1 Size: 40KB - Virtual size: 40KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 117KB - Virtual size: 147KB

.data1 Size: 596KB - Virtual size: 596KB

.trace Size: 4KB - Virtual size: 4KB

.mvp0 Size: 46KB - Virtual size: 46KB

.reloc Size: 431KB - Virtual size: 431KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.text1
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 117KB - Virtual size: 147KB

.data1
Size: 596KB - Virtual size: 596KB

.trace
Size: 4KB - Virtual size: 4KB

.mvp0
Size: 46KB - Virtual size: 46KB

.reloc
Size: 431KB - Virtual size: 431KB

.rsrc
Size: 12KB - Virtual size: 12KB