e85e608d4ee80a5ed7534aee597564ba80ea1de8e5272ab0b8e7fe09bd642a51

Sharing

Copy URL Twitter E-mail

General

Target

e85e608d4ee80a5ed7534aee597564ba80ea1de8e5272ab0b8e7fe09bd642a51
Size

969KB
MD5

4fb7c5d33afc7ef1d711bdc3b742f3fb
SHA1

9fbadedff62d57df76d3fb72d40ca031d05477bc
SHA256

e85e608d4ee80a5ed7534aee597564ba80ea1de8e5272ab0b8e7fe09bd642a51
SHA512

c5f9d0396ac854ad7d31070c570b9ef3af2d3f59177a31c87a3dfd280109f7f81f485a9e0c011d2f296bdc53768514de6fde959c8300debe5e2a5c3795997102
SSDEEP

24576:vxVJFWtEREBGD1N3RUDHNmdPCAaq8Nozgi/rE0TOj:vVsI8i8HNUPCAaq8Wdo0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e85e608d4ee80a5ed7534aee597564ba80ea1de8e5272ab0b8e7fe09bd642a51

Files

e85e608d4ee80a5ed7534aee597564ba80ea1de8e5272ab0b8e7fe09bd642a51
.exe windows:6 windows x64

2d86c3d0862c5db0166fe8f34e7c2a4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapDestroy
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
LocalFree
RtlPcToFileHeader
RtlUnwindEx
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetACP
GetFileType
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionEx
Sleep
CreateMutexW
GetUserDefaultUILanguage
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
FlushFileBuffers
WriteFile
ReadFile
CloseHandle
GetFileSize
CreateFileW
FindClose
GetLastError
FreeResource
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
SetEvent
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
EncodePointer
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetStringTypeW

user32

MoveWindow
EnumDisplayDevicesW
SendMessageW
GetDC
GetClientRect
GetWindowLongW
SetWindowLongW
GetWindowRect
SetWindowPos
IsIconic
EnumDisplayMonitors
GetMonitorInfoW
SetForegroundWindow
ShowWindow
FindWindowW
ReleaseDC
UpdateLayeredWindow

gdi32

DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject

advapi32

RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey

ole32

CoUninitialize
CoInitialize

oleaut32

VariantClear

hnduilib

?EstimateSize@CButtonUI@DuiLib@@UEAA?AUtagSIZE@@U3@@Z
?SetAttribute@CButtonUI@DuiLib@@UEAAXPEB_W0@Z
?DoEvent@CButtonUI@DuiLib@@UEAAXAEAUtagTEventUI@2@@Z
?SetEnabled@CButtonUI@DuiLib@@UEAAX_N@Z
?SetVisible@CControlUI@DuiLib@@UEAAX_N@Z
?SetText@CLabelUI@DuiLib@@UEAAXPEB_W@Z
?GetText@CLabelUI@DuiLib@@UEBA?AVCDuiString@2@XZ
?Activate@CButtonUI@DuiLib@@UEAA_NXZ
?GetControlFlags@CButtonUI@DuiLib@@UEBAIXZ
?GetInterface@CButtonUI@DuiLib@@UEAAPEAXPEB_W@Z
?GetClass@CButtonUI@DuiLib@@UEBAPEB_WXZ
?Close@CWindowWnd@DuiLib@@QEAAXI@Z
??0CButtonUI@DuiLib@@QEAA@XZ
??9CDuiString@DuiLib@@QEBA_NPEB_W@Z
?SetBkImage@CControlUI@DuiLib@@QEAAXPEB_W@Z
?GetHWND@CWindowWnd@DuiLib@@QEBAPEAUHWND__@@XZ
?GetRoot@CPaintManagerUI@DuiLib@@QEBAPEAVCControlUI@2@XZ
?DoPaint@CControlUI@DuiLib@@UEAAXPEAUHDC__@@AEBUtagRECT@@@Z
??4CDuiString@DuiLib@@QEAAAEBV01@PEB_W@Z
??0CDuiString@DuiLib@@QEAA@AEBV01@@Z
??1CDialogBuilder@DuiLib@@QEAA@XZ
??1CListLabelElementUI@DuiLib@@UEAA@XZ
?CreateControl@WindowImplBase@DuiLib@@UEAAPEAVCControlUI@2@PEB_W@Z
?MessageHandler@WindowImplBase@DuiLib@@UEAA_JI_K_JAEA_N@Z
?GetMessageMap@WindowImplBase@DuiLib@@MEBAPEBUDUI_MSGMAP@2@XZ
?GetStyle@WindowImplBase@DuiLib@@UEAAJXZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?PaintStatusImage@CButtonUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?OnKillFocus@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnCreate@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnChar@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnSize@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?OnClose@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?GetResourceID@WindowImplBase@DuiLib@@UEBAPEB_WXZ
?GetZIPFileName@WindowImplBase@DuiLib@@UEBA?AVCDuiString@2@XZ
?GetResourceType@WindowImplBase@DuiLib@@UEBA?AW4UILIB_RESOURCETYPE@2@XZ
?OnClick@WindowImplBase@DuiLib@@MEAAXAEAUtagTNotifyUI@2@@Z
?OnTabKeyProcess@CWindowWnd@DuiLib@@MEAA_NQEAUtagMSG@@@Z
?SetTabKeyProcess@CWindowWnd@DuiLib@@MEAAX_N@Z
?GetClassStyle@WindowImplBase@DuiLib@@UEBAIXZ
?GetSuperClassName@CWindowWnd@DuiLib@@MEBAPEB_WXZ
?DoPostPaint@CControlUI@DuiLib@@UEAAXPEAUHDC__@@AEBUtagRECT@@@Z
?PaintBorder@CControlUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?DoPaint@CListLabelElementUI@DuiLib@@UEAAXPEAUHDC__@@AEBUtagRECT@@@Z
?EstimateSize@CListLabelElementUI@DuiLib@@UEAA?AUtagSIZE@@U3@@Z
?PaintText@CButtonUI@DuiLib@@UEAAXPEAUHDC__@@@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UEAAXPEAUHWND__@@@Z
?InitWindow@WindowImplBase@DuiLib@@UEAAXXZ
??1CButtonUI@DuiLib@@UEAA@XZ
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPEB_W@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPEAUHINSTANCE__@@@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?CenterWindow@CWindowWnd@DuiLib@@QEAAXXZ
?ShowModal@CWindowWnd@DuiLib@@QEAAIXZ
?OnSetFocus@WindowImplBase@DuiLib@@UEAA_JI_K_JAEAH@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UEBA_NXZ
?SetAttribute@CListElementUI@DuiLib@@UEAAXPEB_W0@Z
?DoEvent@CListLabelElementUI@DuiLib@@UEAAXAEAUtagTEventUI@2@@Z
?Event@CControlUI@DuiLib@@UEAAXAEAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UEAAXXZ
?Init@CControlUI@DuiLib@@UEAAXXZ
?FindControl@CControlUI@DuiLib@@UEAAPEAV12@P6APEAV12@PEAV12@PEAX@Z1I@Z
?GetEllipseDrawImage@CControlUI@DuiLib@@UEBA_NXZ
?SetEllipseDrawImage@CControlUI@DuiLib@@UEAAX_N@Z
?SetFloat@CControlUI@DuiLib@@UEAAX_N@Z
?IsFloat@CControlUI@DuiLib@@UEBA_NXZ
?SetFocus@CControlUI@DuiLib@@UEAAXXZ
?IsFocused@CControlUI@DuiLib@@UEBA_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UEAAX_N@Z
?SetMouseEnabled@CControlUI@DuiLib@@UEAAX_N@Z
??0CDuiString@DuiLib@@QEAA@PEB_WH@Z
??1CDuiString@DuiLib@@QEAA@XZ
??0WindowImplBase@DuiLib@@QEAA@XZ
??1WindowImplBase@DuiLib@@UEAA@XZ
??0CDuiString@DuiLib@@QEAA@XZ
?GetName@CControlUI@DuiLib@@UEBA?AVCDuiString@2@XZ
??8CDuiString@DuiLib@@QEBA_NPEB_W@Z
?GetValue@CProgressUI@DuiLib@@QEBAHXZ
?Format@CDuiString@DuiLib@@QEAAHPEB_WZZ
??BCDuiString@DuiLib@@QEBAPEB_WXZ
?GetTag@CControlUI@DuiLib@@UEBA_JXZ
?SelectItem@CTabLayoutUI@DuiLib@@QEAA_NH@Z
?Notify@WindowImplBase@DuiLib@@UEAAXAEAUtagTNotifyUI@2@@Z
?Init@CPaintManagerUI@DuiLib@@QEAAXPEAUHWND__@@@Z
??0CDialogBuilder@DuiLib@@QEAA@XZ
?Create@CDialogBuilder@DuiLib@@QEAAPEAVCControlUI@2@VSTRINGorID@2@PEB_WPEAVIDialogBuilderCallback@2@PEAVCPaintManagerUI@2@PEAV32@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QEAA_NPEAVCControlUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QEAA_NPEAVINotifyUI@2@@Z
?ShowWindow@CWindowWnd@DuiLib@@QEAAX_N0@Z
?HandleMessage@WindowImplBase@DuiLib@@UEAA_JI_K_J@Z
?FindControl@CPaintManagerUI@DuiLib@@QEBAPEAVCControlUI@2@PEB_W@Z
?SetToolTip@CControlUI@DuiLib@@UEAAXPEB_W@Z
?SetBorderSize@CControlUI@DuiLib@@QEAAXH@Z
?GetLength@CDuiString@DuiLib@@QEBAHXZ
?SetMinWidth@CControlUI@DuiLib@@UEAAXH@Z
?GetMinWidth@CControlUI@DuiLib@@UEBAHXZ
?Create@CWindowWnd@DuiLib@@QEAAPEAUHWND__@@PEAU3@PEB_WKKHHHHPEAUHMENU__@@@Z
??0CListLabelElementUI@DuiLib@@QEAA@XZ
?SetTag@CControlUI@DuiLib@@UEAAX_J@Z
?SetText@CControlUI@DuiLib@@UEAAXPEB_W@Z
?SetDropBoxSize@CComboUI@DuiLib@@QEAAXUtagSIZE@@@Z
?SetVisible@CListElementUI@DuiLib@@UEAAX_N@Z
?Selected@COptionUI@DuiLib@@QEAAX_N0@Z
?IsSelected@COptionUI@DuiLib@@QEBA_NXZ
?SetMaxValue@CProgressUI@DuiLib@@QEAAXH@Z
?SetValue@CProgressUI@DuiLib@@QEAAXH@Z
?IsVisible@CControlUI@DuiLib@@UEBA_NXZ
?GetFixedHeight@CControlUI@DuiLib@@UEBAHXZ
?SetFixedHeight@CControlUI@DuiLib@@UEAAXH@Z
?SetName@CControlUI@DuiLib@@UEAAXPEB_W@Z
?GetClass@CListLabelElementUI@DuiLib@@UEBAPEB_WXZ
?GetInterface@CListLabelElementUI@DuiLib@@UEAAPEAXPEB_W@Z
?GetControlFlags@CListElementUI@DuiLib@@UEBAIXZ
?Activate@CListElementUI@DuiLib@@UEAA_NXZ
?GetManager@CControlUI@DuiLib@@UEBAPEAVCPaintManagerUI@2@XZ
?SetManager@CControlUI@DuiLib@@UEAAXPEAVCPaintManagerUI@2@PEAV12@_N@Z
?GetParent@CControlUI@DuiLib@@UEBAPEAV12@XZ
?GetText@CControlUI@DuiLib@@UEBA?AVCDuiString@2@XZ
?GetPos@CControlUI@DuiLib@@UEBAAEBUtagRECT@@XZ
?SetPos@CControlUI@DuiLib@@UEAAXUtagRECT@@@Z
?GetWidth@CControlUI@DuiLib@@UEBAHXZ
?GetHeight@CControlUI@DuiLib@@UEBAHXZ
?GetX@CControlUI@DuiLib@@UEBAHXZ
?GetY@CControlUI@DuiLib@@UEBAHXZ
?GetPadding@CControlUI@DuiLib@@UEBA?AUtagRECT@@XZ
?SetPadding@CControlUI@DuiLib@@UEAAXUtagRECT@@@Z
?GetFixedXY@CControlUI@DuiLib@@UEBA?AUtagSIZE@@XZ
?SetFixedXY@CControlUI@DuiLib@@UEAAXUtagSIZE@@@Z
?GetFixedWidth@CControlUI@DuiLib@@UEBAHXZ
?SetFixedWidth@CControlUI@DuiLib@@UEAAXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UEBAHXZ
?SetMaxWidth@CControlUI@DuiLib@@UEAAXH@Z
?GetMinHeight@CControlUI@DuiLib@@UEBAHXZ
?SetMinHeight@CControlUI@DuiLib@@UEAAXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UEBAHXZ
?SetMaxHeight@CControlUI@DuiLib@@UEAAXH@Z
?SetRelativePos@CControlUI@DuiLib@@UEAAXUtagSIZE@@0@Z
?SetRelativeParentSize@CControlUI@DuiLib@@UEAAXUtagSIZE@@@Z
?GetRelativePos@CControlUI@DuiLib@@UEBA?AUtagTRelativePosUI@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UEBA_NXZ
?GetToolTip@CControlUI@DuiLib@@UEBA?AVCDuiString@2@XZ
?SetToolTipWidth@CControlUI@DuiLib@@UEAAXH@Z
?GetToolTipWidth@CControlUI@DuiLib@@UEAAHXZ
?GetShortcut@CControlUI@DuiLib@@UEBA_WXZ
?SetShortcut@CControlUI@DuiLib@@UEAAX_W@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UEBA_NXZ
?SetContextMenuUsed@CControlUI@DuiLib@@UEAAX_N@Z
?GetUserData@CControlUI@DuiLib@@UEAAAEBVCDuiString@2@XZ
?SetUserData@CControlUI@DuiLib@@UEAAXPEB_W@Z
?IsVisibleEx@CControlUI@DuiLib@@UEBA_NXZ
?SetInternVisible@CControlUI@DuiLib@@UEAAX_N@Z
?IsEnabled@CControlUI@DuiLib@@UEBA_NXZ
?SetEnabled@CListElementUI@DuiLib@@UEAAX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UEBA_NXZ

dxva2

DestroyPhysicalMonitors
SetVCPFeature
GetVCPFeatureAndVCPFeatureReply
GetNumberOfPhysicalMonitorsFromHMONITOR
GetPhysicalMonitorsFromHMONITOR

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d86c3d0862c5db0166fe8f34e7c2a4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

hnduilib

dxva2

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 4KB - Virtual size: 10KB

.pdata Size: 9KB - Virtual size: 9KB

.gfids Size: 512B - Virtual size: 308B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 93KB - Virtual size: 92KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 4KB - Virtual size: 10KB

.pdata
Size: 9KB - Virtual size: 9KB

.gfids
Size: 512B - Virtual size: 308B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 93KB - Virtual size: 92KB

.reloc
Size: 568KB - Virtual size: 572KB