c984154666e526c4247075f647bcb2e6d373ba41597369ff1ebcaa34b7f76c49

Sharing

Copy URL

Twitter E-mail

General

Target

c984154666e526c4247075f647bcb2e6d373ba41597369ff1ebcaa34b7f76c49
Size

2.1MB
MD5

84c7bb16ce1c850b4869ccc61ee81663
SHA1

85d7718cd1f757c3c1b8c53429335ef7159ce0d4
SHA256

c984154666e526c4247075f647bcb2e6d373ba41597369ff1ebcaa34b7f76c49
SHA512

912267f868a7dae8f4118b4b4c258a8747272995ec70631a7e2786f6081d0e8a39ec5af86185a4e0b6aba22bc1df57d730ed533955f3afcb43549f9cb4b9922a
SSDEEP

49152:ix92+HE0d1DZ4oXQSx+ZD2vLbE57k7/PFc+SBgmu/N:ak41V4ogSxzvLb87kPhSamu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c984154666e526c4247075f647bcb2e6d373ba41597369ff1ebcaa34b7f76c49

Files

c984154666e526c4247075f647bcb2e6d373ba41597369ff1ebcaa34b7f76c49
.dll windows:6 windows x86

844a95542aa8750c2c705c1f478890cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetStdHandle
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetProcessHeap
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetStdHandle
GetModuleFileNameA
HeapReAlloc
GetModuleHandleExW
ExitThread
HeapFree
HeapAlloc
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
WriteConsoleW
FreeLibrary
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
SetLastError
QueryPerformanceCounter
GetCurrentThread
GetCurrentProcess
WaitForSingleObjectEx
DuplicateHandle
GetCurrentThreadId
TryEnterCriticalSection
LeaveCriticalSection
lstrcmpiW
GetLocalTime
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
FormatMessageW
LocalFree
SystemTimeToFileTime
WriteFile
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
CreateDirectoryW
MulDiv
ExitProcess
GetACP
GetTickCount
GetLastError
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetCurrentDirectoryW
GetModuleHandleW
GlobalUnlock
GlobalLock
GetProcAddress
LoadLibraryW
GetModuleFileNameW
lstrcatW
GetFileAttributesW
FindClose
lstrcpynW
lstrlenW
FindFirstFileW
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
EnterCriticalSection
SetErrorMode
Sleep
lstrcpyW
WideCharToMultiByte
GlobalFree
GlobalAlloc
MultiByteToWideChar
FreeLibraryAndExitThread

user32

GetClientRect
ScreenToClient
FindWindowExW
IsWindow
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
CreateWindowExW
DestroyWindow
SetWindowPos
IsWindowVisible
IsIconic
IsZoomed
GetCursorPos
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetWindowRect
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
GetSysColor
IntersectRect
UnionRect
IsRectEmpty
CharPrevW
CharNextW
SendMessageW
PostQuitMessage
wsprintfW
SetFocus
FillRect
PtInRect
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
SetForegroundWindow
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
DrawTextA
wsprintfA
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
LoadImageW
GetCaretPos
ShowCaret
HideCaret
TrackPopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
CreatePopupMenu
SetRect
ClientToScreen
DrawTextW
MonitorFromPoint
GetWindowRgn
MoveWindow
UpdateLayeredWindow
AdjustWindowRectEx
GetPropW
SetPropW
GetMenu
GetSystemMetrics
EnableWindow
ShowWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMonitorInfoW
MonitorFromWindow
MessageBoxW
SetWindowRgn
LoadCursorW
OffsetRect
InflateRect
SetCursor

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointA
CreateDIBitmap
SetBitmapBits
GetBitmapBits
GdiFlush
TextOutW
MoveToEx
GetObjectA
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateDIBSection
PtInRegion
CreateRectRgn
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SelectObject
SaveDC
RestoreDC
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
BitBlt

shell32

ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW

ole32

OleDuplicateData
DoDragDrop
ReleaseStgMedium
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
RegisterDragDrop
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

gdiplus

GdiplusShutdown
GdipFillRectangleI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipAlloc
GdipDrawRectangleI
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdiplusStartup

ws2_32

gethostname
WSAStartup
gethostbyname

Exports

Exports

CloseReaderWnd
ForbidSelectInstallPath
GetInstallPath
Init
IsDeleteConfig
SetInstallFunction
SetProgress
SetUninstallFunction
ShowInstallWnd
ShowUninstallWnd

Sections

.text
Size: 571KB - Virtual size: 571KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

844a95542aa8750c2c705c1f478890cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

imm32

comctl32

gdiplus

ws2_32

Exports

Exports

Sections

.text Size: 571KB - Virtual size: 571KB

.rdata Size: 151KB - Virtual size: 150KB

.data Size: 12KB - Virtual size: 27KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 571KB - Virtual size: 571KB

.rdata
Size: 151KB - Virtual size: 150KB

.data
Size: 12KB - Virtual size: 27KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 44KB - Virtual size: 43KB