6633b2461c2e946e4d190f37f7e2e244c32cfdbe3a80df2b28f212653963d534

Sharing

Copy URL Twitter E-mail

General

Target

6633b2461c2e946e4d190f37f7e2e244c32cfdbe3a80df2b28f212653963d534
Size

1.5MB
MD5

b91a9a6407386faf48a59fcc4c180144
SHA1

48a8557e5923029ada139f886a4dcb9ad5ad4b1c
SHA256

6633b2461c2e946e4d190f37f7e2e244c32cfdbe3a80df2b28f212653963d534
SHA512

7f11edffec65bb5822d737a9bb811638ccf189a74d22ed102f290bd86109ca8472136cd9bf6c0b9dc7411c93777d87b1ec4f4ca69d17111527053d64404a621e
SSDEEP

49152:AuGEgyjkZVZMw2Ng4gopNKIyEO/kVJt2oeEpY9oeMVZ5HqWk0U:cEgyjkBM+4gSNKIyEO8zsoeEpYI/qWk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6633b2461c2e946e4d190f37f7e2e244c32cfdbe3a80df2b28f212653963d534

Files

6633b2461c2e946e4d190f37f7e2e244c32cfdbe3a80df2b28f212653963d534
.dll windows:5 windows x86 arch:x86

2e46ae876b19b258bcce92b0cf8518b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetProfileIntA
Sleep
SearchPathA
GetWindowsDirectoryA
GetNumberFormatA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
ExitThread
CreateThread
RaiseException
HeapSize
HeapQueryInformation
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
GetTempPathA
SetFilePointer
WriteFile
lstrcmpiA
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
lstrcpyA
DeleteFileA
LoadLibraryW
InterlockedIncrement
CopyFileA
GlobalSize
FormatMessageA
lstrlenW
GlobalFlags
MulDiv
GetCurrentDirectoryA
SetErrorMode
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
GetModuleHandleA
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
WideCharToMultiByte
CompareStringA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
FreeLibrary
GetACP
GetOEMCP
FlushFileBuffers
GetCPInfo
ExitProcess
ReadFile
GetFileSize
CreateFileA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetProcAddress

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

crypt32

CryptEnumOIDInfo

gdiplus

GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

user32

LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
GetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetIconInfo
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
IntersectRect
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadImageA
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetSysColorBrush
LoadCursorA
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetMenuStringA
AppendMenuA
GetMenuItemID
GetSubMenu
RemoveMenu
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
InsertMenuA
GetMenuItemCount
DeleteMenu
UnregisterClassA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
CreateDialogIndirectParamA
GetNextDlgTabItem
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageA
ModifyMenuA
GetMenuState
EndDialog
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
GetDlgItem
DrawEdge
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
RedrawWindow

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ExtSelectClipRgn
DeleteDC
SelectObject
SetViewportOrgEx
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileA
CreateDCA
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
SetTextColor
EnumFontFamiliesA
GetTextExtentPoint32A
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
GetTextCharsetInfo
SetROP2
SetPolyFillMode
SetBkMode
GetTextMetricsA
SetBkColor
RestoreDC
SaveDC
ScaleWindowExtEx
SetWindowExtEx
CreateFontIndirectA
CreateBitmap
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
OffsetWindowOrgEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetFileInfoA

ole32

OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
CoTaskMemAlloc
ReleaseStgMedium
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoInitialize
CoCreateInstance
OleDuplicateData
CoUninitialize
CoTaskMemFree
CoCreateGuid
RevokeDragDrop

oleaut32

VariantClear
SysStringLen
VariantChangeType
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocString
SysAllocStringLen
SysFreeString

Exports

Exports

SignalChromeElf

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e46ae876b19b258bcce92b0cf8518b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msimg32

comctl32

shlwapi

crypt32

gdiplus

oleacc

imm32

winmm

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 253KB - Virtual size: 253KB

.data Size: 22KB - Virtual size: 51KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 159KB - Virtual size: 159KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 253KB - Virtual size: 253KB

.data
Size: 22KB - Virtual size: 51KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 159KB - Virtual size: 159KB