84284c4b491393cc66afd870e737fe8e68f15bc419c00278d3593ca2571a116d

Sharing

Copy URL Twitter E-mail

General

Target

84284c4b491393cc66afd870e737fe8e68f15bc419c00278d3593ca2571a116d
Size

4.6MB
MD5

bf6210f5de8daef2c9234543315e4979
SHA1

b76b4848b2b13055bf0334be8e563dedbdce2c7c
SHA256

84284c4b491393cc66afd870e737fe8e68f15bc419c00278d3593ca2571a116d
SHA512

99c8e37a2118ccbffd6b0d257d77e91f10f05e49724b13bd4c3dd7f81cfc27b014c923fcc54ace1b9644d421434e9b3fc66d7ff0500ae6aa9f6eebbe4b934755
SSDEEP

49152:bGtNiX+Ak+Sz1IdrySy7e1vx1+4528gxPqJkH48Yac0inkfR0HguVqpynqdu:MAJ+1IxypSTU84PufnwR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84284c4b491393cc66afd870e737fe8e68f15bc419c00278d3593ca2571a116d

Files

84284c4b491393cc66afd870e737fe8e68f15bc419c00278d3593ca2571a116d
.dll windows:6 windows x86 arch:x86

e5f43a15f0031e40cfa01b3336368bbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shared

_GetInfiniteWaitEvent@0
_uFormatSystemErrorMessage@8
_uBugCheck@0
_uPrintCrashInfo_OnEvent@8

kernel32

GetCurrentProcess
GetSystemTimeAsFileTime
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
MulDiv
LoadLibraryExW
GetVersionExW
lstrlenW
VerifyVersionInfoW
VerSetConditionMask
GetTickCount
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
DisableThreadLibraryCalls
LocalFree
FormatMessageA
GetThreadLocale
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
GetModuleHandleW
InterlockedPopEntrySList
GetProcAddress
GlobalUnlock
GlobalLock
InitializeSListHead
OutputDebugStringW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
GetCurrentThreadId
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetLastError
HeapFree
SizeofResource
InitOnceBeginInitialize
InitOnceComplete
SetUnhandledExceptionFilter
EncodePointer
UnhandledExceptionFilter

user32

GetFocus
MessageBeep
NotifyWinEvent
EnableWindow
AdjustWindowRect
GetClipboardData
DrawFocusRect
DrawTextW
PtInRect
DrawFrameControl
GetDlgCtrlID
OffsetRect
CopyRect
GetMenuBarInfo
InflateRect
IntersectRect
SystemParametersInfoW
ReleaseDC
GetWindowDC
RegisterWindowMessageW
IsWindowEnabled
InvalidateRect
RedrawWindow
EndPaint
BeginPaint
CharLowerW
UpdateWindow
WindowFromPoint
IsRectEmpty
OpenClipboard
GetKeyState
SetWindowTextW
GetClassNameW
GetSysColor
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CallWindowProcW
MonitorFromPoint
GetWindow
GetWindowRect
TrackMouseEvent
GetMessagePos
UnhookWindowsHookEx
DestroyWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
SetTimer
SetCursor
SetWindowsHookExW
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
ScrollWindowEx
SetCapture
KillTimer
SetFocus
GetCursorPos
ScreenToClient
PostMessageW
SetLayeredWindowAttributes
DrawIconEx
GetDC
CloseClipboard
SetScrollPos
SetWindowPos
MonitorFromWindow
GetMenuItemCount
CreateWindowExW
SendMessageW
EndDialog
UnregisterClassW
CreatePopupMenu
RegisterClassExW
TrackPopupMenu
ShowWindow
IsWindow
GetMonitorInfoW
ClientToScreen
GetIconInfo
GetMenuStringW
MapWindowPoints
FillRect
FrameRect
DestroyMenu
LoadCursorW
SetWindowLongW
GetClientRect
GetDlgItem
AppendMenuW
GetClassInfoExW
GetParent
DialogBoxParamW
GetWindowTextW
DrawIcon

gdi32

CreatePen
SetBkColor
ExtTextOutW
SetDCBrushColor
SetDCPenColor
LineTo
MoveToEx
SetBkMode
GetTextColor
GetBkColor
OffsetRgn
CombineRgn
CreateRectRgnIndirect
GetDeviceCaps
GetObjectW
CreateCompatibleDC
GetTextMetricsW
LPtoDP
OffsetWindowOrgEx
SetWindowOrgEx
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
GetTextExtentPoint32W
CreatePolygonRgn
FrameRgn
FillRgn
CreateRectRgn
GetCurrentObject
RestoreDC
SaveDC
SetTextColor
SelectObject
DeleteObject
DeleteDC
CreateFontIndirectW
IntersectClipRect
GetStockObject

shell32

ord74

ole32

RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

VariantClear
SysAllocString
VariantInit

msvcp140

?_Throw_Cpp_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
_Mtx_unlock
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ

msvcp140_atomic_wait

__std_wait_for_threadpool_work_callbacks
__std_close_threadpool_work
__std_create_threadpool_work
__std_parallel_algorithms_hw_threads
__std_bulk_submit_threadpool_work

comctl32

ord410
ord413
ImageList_DrawEx
ImageList_GetIconSize

uxtheme

IsThemePartDefined
CloseThemeData
GetThemePartSize
OpenThemeData
DrawThemeTextEx
DrawThemeBackground
SetWindowTheme

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipCreateFromHDC
GdiplusStartup
GdipSetSmoothingMode
GdipDrawLineI
GdiplusShutdown
GdipCreatePen1
GdipDeleteGraphics
GdipDeletePen

vcruntime140

memcpy
memcmp
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
__current_exception
memset
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
strstr
memmove
_CxxThrowException
__std_type_info_compare

api-ms-win-crt-heap-l1-1-0

realloc
_expand
free
_recalloc
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_errno
abort
_invalid_parameter_noinfo
exit
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

wmemcpy_s
strlen
strncpy
_wcsnicmp
_wcsicmp
wcsnlen

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswprintf_s
__stdio_common_vswprintf

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
lround
__libm_sse2_pow

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5f43a15f0031e40cfa01b3336368bbd

Headers

DLL Characteristics

File Characteristics

Imports

shared

kernel32

user32

gdi32

shell32

ole32

oleaut32

msvcp140

msvcp140_atomic_wait

comctl32

uxtheme

msimg32

dwmapi

oleacc

gdiplus

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

IPPCODE Size: 640KB - Virtual size: 640KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 19KB - Virtual size: 23KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 75KB - Virtual size: 75KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 2.7MB - Virtual size: 2.7MB

IPPCODE
Size: 640KB - Virtual size: 640KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 19KB - Virtual size: 23KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 75KB - Virtual size: 75KB

.movehcs
Size: 512B - Virtual size: 4KB