Static task
static1
Behavioral task
behavioral1
Sample
ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40.exe
Resource
win10v2004-20231023-en
General
-
Target
ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40
-
Size
3.6MB
-
MD5
014f600cba8aa19e14552c1b4dae5b4f
-
SHA1
2f0e8d82012554c23d33816025bb6b457dc1d239
-
SHA256
ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40
-
SHA512
c18e6d99bc66101c9f51407f4f720c1a318dad106a96f43e83390490af4ac024142bf03cd00babf0294eaa602214f37ea75cc25472024ef52f1e5e1b05c2e1e0
-
SSDEEP
98304:8XHcpzSieSviwCcOWz4WuM9CvlBvcefU8FPMv3shDKKDGsWLh:8XcpzSisewPYoPMv3GDNi
Malware Config (no configuration was extracted in this report)
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature — the sample carries no Authenticode signature. Treat this as a weak indicator on its own: many legitimate builds are unsigned, and a signed binary would still need its certificate chain, timestamp and revocation status verified before the signature is trusted.
resource ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40
Files
-
ff4d4a5bb5f6777eb214d9f71c7682ba8bae30fb1cc402bfeab959a258f70a40.exe windows:6 windows x86 arch:x86
0f334e23bd226ec1b8864b1713b617b4 (unlabelled 32-hex-digit hash; presumably the import hash (imphash) of the file — confirm against the raw report before pivoting on it)
Headers
DLL Characteristics (note: IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the flags, so the image is not Control Flow Guard enabled)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in; the .reloc section below makes relocation possible)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP/NX opt-in)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libcef
cef_string_utf16_set
cef_string_userfree_utf16_free
cef_post_task
cef_execute_process
cef_initialize
cef_shutdown
cef_quit_message_loop
cef_string_utf8_to_utf16
cef_api_hash
cef_string_utf16_cmp
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_browser_host_create_browser
cef_string_list_free
cef_string_list_alloc
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_map_alloc
cef_string_map_free
cef_string_list_clear
cef_string_multimap_alloc
cef_string_multimap_free
cef_log
cef_string_utf16_clear
kernel32
GetCurrentDirectoryW
InitializeCriticalSection
ExitProcess
GetTempPathA
GetModuleFileNameA
GetFileTime
CreateFileA
GetTickCount
VerifyVersionInfoA
CreateWaitableTimerA
LocalFree
GetProcAddress
GetModuleHandleA
GetVersionExA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
QueueUserAPC
WaitForMultipleObjects
Sleep
SetWaitableTimer
CreateEventW
SleepEx
WaitForSingleObject
SetEvent
InitializeCriticalSectionAndSpinCount
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
FindClose
CloseHandle
FindNextFileW
GetACP
MultiByteToWideChar
FormatMessageA
WideCharToMultiByte
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
DecodePointer
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
SetFilePointerEx
SetLastError
FindFirstFileW
GetStdHandle
SetStdHandle
HeapQueryInformation
GetCommandLineW
ReadFile
SetFilePointer
WriteFile
VerSetConditionMask
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetFileType
SetEnvironmentVariableW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
LCMapStringEx
GetStringTypeW
InitOnceComplete
InitOnceBeginInitialize
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
FindFirstFileExW
CreateFileW
GetLocaleInfoEx
TryAcquireSRWLockExclusive
GetExitCodeThread
WaitForSingleObjectEx
QueryPerformanceFrequency
RaiseException
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent (imported alongside SetUnhandledExceptionFilter / UnhandledExceptionFilter / IsProcessorFeaturePresent / InitializeSListHead, which is the usual MSVC CRT start-up set; on its own this import is not evidence of deliberate anti-debugging — confirm with the call sites)
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetWindowsDirectoryA
GetProfileIntA
SearchPathA
GetTickCount64
FindResourceExW
lstrcpyA
GetCurrentDirectoryA
GetUserDefaultLCID
GetTempFileNameA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
lstrcmpA
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
MulDiv
CopyFileA
DeleteFileA
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
OutputDebugStringA
DuplicateHandle
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleW
LoadLibraryA
LoadLibraryW
lstrcmpiA
GetThreadLocale
GetCurrentProcessId
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
SetThreadPriority
ResumeThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentThread
user32
LoadMenuW
GetSubMenu
TrackPopupMenu
DrawIcon
SetActiveWindow
GetSystemMetrics
GetCursorPos
LoadIconW
SetTimer
IsIconic
PeekMessageA
DispatchMessageA
PtInRect
UnregisterClassA
TranslateMessage
GetClassNameA
EnableWindow
LoadCursorA
GetParent
ReleaseDC
GetDC
DestroyWindow
IsWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
CopyRect
SendMessageA
UpdateLayeredWindow
SystemParametersInfoA
SetParent
GetDesktopWindow
SetWindowTextA
SetForegroundWindow
MoveWindow
GetClientRect
PostMessageA
InvalidateRect
SetWindowLongA
SetLayeredWindowAttributes
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
SetWindowPos
GetWindowRect
GetWindowLongA
ShowWindow
InvertRect
HideCaret
GetIconInfo
GetUpdateRect
SubtractRect
MapVirtualKeyExA
IsCharLowerA
TranslateMDISysAccel
DefMDIChildProcA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CharUpperA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
IsWindowEnabled
MessageBoxA
GetWindowThreadProcessId
GetLastActivePopup
RegisterWindowMessageA
GetMessagePos
GetMessageTime
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
UpdateWindow
GetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongA
GetTopWindow
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
CheckDlgButton
SendDlgItemMessageA
IsDialogMessageA
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
GetMessageA
GetActiveWindow
ShowOwnedPopups
SetCursor
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
IsZoomed
MessageBeep
OffsetRect
WaitMessage
KillTimer
InflateRect
IntersectRect
DestroyMenu
GetMenuItemInfoA
SetRectEmpty
CharNextA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
BringWindowToTop
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
DestroyIcon
LoadImageA
UnpackDDElParam
ReuseDDElParam
SetCapture
SetWindowRgn
IsRectEmpty
LoadCursorW
CopyAcceleratorTableA
InvalidateRgn
SetRect
DeleteMenu
WindowFromPoint
GetNextDlgGroupItem
MonitorFromPoint
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadImageW
TrackMouseEvent
GetSystemMenu
NotifyWinEvent
ModifyMenuA
PostThreadMessageA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
EnumChildWindows
RegisterClipboardFormatA
LockWindowUpdate
SetClassLongA
GetKeyNameTextA
UnionRect
DefFrameProcA
DrawEdge
DrawFrameControl
DrawFocusRect
SetCursorPos
CharUpperBuffA
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DrawIconEx
gdi32
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
SetPixelV
GetTextFaceA
GetObjectType
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
RoundRect
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
Rectangle
Polyline
Polygon
CreatePolygonRgn
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SelectObject
CreateDIBSection
BitBlt
SetWindowExtEx
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
GetDIBits
GetTextMetricsA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetRgnBox
LPtoDP
Ellipse
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateEllipticRgn
GetTextColor
GetBkColor
GetTextExtentPoint32A
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
shell32
SHGetSpecialFolderPathA
Shell_NotifyIconA
DragQueryFileA
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteA
SHGetFileInfoA
SHGetPathFromIDListA
ole32
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
LoadTypeLi
SysStringLen
OleCreateFontIndirect
SysAllocString
VariantChangeType
VariantClear
SafeArrayDestroy
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantInit
advapi32 (registry access only: the imports below include write/delete operations such as RegSetValueExA, RegCreateKeyExA, RegDeleteKeyA and RegDeleteValueA, not just reads — which keys are touched is not shown in this report)
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetThemePartSize
IsAppThemed
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
gdiplus
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdipFree
GdipAlloc
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
oledlg
ord8
ws2_32 (network: both outbound client calls such as connect/getaddrinfo and inbound server calls such as bind/listen/accept are imported, so the binary is capable of listening for connections as well as initiating them; whether it actually does is not established by the static import table)
WSASocketW
WSASend
WSARecv
WSAIoctl
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
shutdown
setsockopt
select
ntohs
ntohl
listen
htons
htonl
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
getaddrinfo
freeaddrinfo
WSAAddressToStringW
iphlpapi
GetAdaptersAddresses
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 507KB - Virtual size: 506KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 193KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ