804f32a11b2059fd364eaf0e0e840b56a547229824f4975538809b544440d0e4

Sharing

Copy URL

Twitter E-mail

General

Target

804f32a11b2059fd364eaf0e0e840b56a547229824f4975538809b544440d0e4
Size

748KB
MD5

26026f025b6aed7d18dd730d279cc05b
SHA1

143449983ccee548e52b556a1b306844f13bde96
SHA256

804f32a11b2059fd364eaf0e0e840b56a547229824f4975538809b544440d0e4
SHA512

29e2375a884547697f31ae60b01eb29b4bf299364a1b6385985bebc303d2ccaa0e3e778d28406bdb90dfdd962188548121b4f7035ad5bc7f9e2e58d3e91bc51c
SSDEEP

12288:RI+lhKL6kU3fcIiizs7E7PkDsoJaHe7iS2iuqLTsx+Ba+kkkkkkkkkkkkk2kkkkO:RI+c60YegiuqLTMkaS81HL2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
804f32a11b2059fd364eaf0e0e840b56a547229824f4975538809b544440d0e4

Files

804f32a11b2059fd364eaf0e0e840b56a547229824f4975538809b544440d0e4
.dll windows:4 windows x86

a562f5d8ed983fd69c86c8c431794e4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

TransparentBlt

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

FindResourceExW
EnumResourceNamesW
CreateThread
CloseHandle
WaitForSingleObject
CreateFileW
FreeLibrary
WideCharToMultiByte
ReadFile
SetFilePointerEx
GetFileSizeEx
LoadLibraryExW
MultiByteToWideChar
FlushFileBuffers
WriteFile
WaitForMultipleObjects
GetUserDefaultLangID
FindClose
FindNextFileW
FindFirstFileW
GetCurrentThreadId
ExitProcess
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
EnumResourceLanguagesW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameA
GetStdHandle
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetProcessHeap
GetVersionExA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetLocaleInfoW
TerminateProcess
HeapAlloc
HeapFree
LoadLibraryA
OutputDebugStringA
SetLastError
GetLastError
LoadLibraryW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleFileNameW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetEndOfFile
GetTickCount

user32

SetCursor
IntersectRect
GetWindowLongW
GetClassNameW
UpdateWindow
SetFocus
UnhookWindowsHookEx
GetKeyboardState
InflateRect
OffsetRect
SetWindowsHookExW
GetCursorPos
ScreenToClient
GetFocus
CallNextHookEx
IsChild
SetScrollInfo
ShowScrollBar
DrawTextW
AdjustWindowRect
GetDlgItemTextW
GetWindowTextW
GetWindowTextLengthW
GetDlgItemInt
CreatePopupMenu
InsertMenuItemW
TrackPopupMenu
DestroyMenu
SetWindowTextW
DialogBoxParamW
SetRect
GetParent
GetDesktopWindow
GetSystemMetrics
ClientToScreen
GetWindowRect
DrawFrameControl
CopyRect
UnionRect
MessageBoxW
IsWindowVisible
EnableWindow
SetDlgItemInt
DestroyIcon
SetWindowLongW
IsDlgButtonChecked
PostMessageW
SetWindowPos
EndDialog
FillRect
FrameRect
ShowWindow
CheckDlgButton
GetClientRect
BeginPaint
EndPaint
DestroyWindow
LoadImageW
SendDlgItemMessageW
GetDC
ReleaseDC
PtInRect
SetTimer
KillTimer
InvalidateRect
GetSysColor
CreateDialogParamW
CreateWindowExW
SetDlgItemTextW
GetDlgItem
SendMessageW
IsWindowEnabled

gdi32

CreateSolidBrush
SetDCBrushColor
GetStockObject
CreateFontIndirectW
SetBkMode
SelectObject
BitBlt
DeleteDC
DeleteObject
GetObjectW
GetTextExtentPoint32W
CreateDIBSection
SelectClipRgn
CreateRectRgn
CreateCompatibleDC

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

PluginMain

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a562f5d8ed983fd69c86c8c431794e4d

Headers

File Characteristics

Imports

msimg32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 320KB - Virtual size: 319KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 328KB - Virtual size: 326KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 320KB - Virtual size: 319KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 328KB - Virtual size: 326KB

.reloc
Size: 20KB - Virtual size: 19KB