TransService
Static task: static1
Behavioral task: behavioral1
  Sample: 3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e.dll
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e.dll
  Resource: win10v2004-20231215-en
General
Target: 3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e
Size: 2.5MB
MD5: da886444ce2a7af5dab37e89f340b67f
SHA1: 85f15c7bdd691572423e0fc30c8d02d42ba6d54b
SHA256: 3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e
SHA512: 8ebb266be28d0b26244987ee0c28fdb877ed18495657ceef4c73bf35b4e9a8604cd09fb6d1112052598ec7070c2b740d1460199f19f33c2b2563b15745cab070
SSDEEP: 49152:UCsNKe3WRU09DMMKeD8LjFXIZzMw00I07NAz/33JwMZ2H:UCsNBeU09DMMKeD8XFXIZzMwLI07NAzd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e
This is the only signature that fired in any of the three tasks. It records a file property (no certificate table in the PE security data directory), not a verdict: an unsigned binary is proof of neither tampering nor malice, so the static data below has to be read on its own.
Files
-
3fe5f28e83895bf57000d1f7cd28d47a5f45149e24b4ea9b0558d3acfc22111e.dll windows:6 windows x86 arch:x86
197ca983cc043e06cf46da92c62cad93
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeFormatW
GetDateFormatW
GetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetTimeZoneInformation
WriteConsoleW
GetFileType
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
InterlockedFlushSList
RtlUnwind
GetStringTypeW
ExitProcess
LocalFree
FormatMessageA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
Sleep
lstrlenA
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryA
FreeLibrary
OutputDebugStringA
GetModuleFileNameA
TerminateProcess
WaitForSingleObject
WideCharToMultiByte
GetCurrentProcess
CloseHandle
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GlobalSize
GlobalFree
MulDiv
CopyFileA
GetCurrentProcessId
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetVersionExA
lstrcmpA
SetThreadPriority
ResumeThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FileTimeToSystemTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
lstrcpyA
GetCurrentDirectoryA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
GetTempFileNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
CompareStringW
LCMapStringW
MultiByteToWideChar
user32
SetMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
BeginPaint
PostMessageA
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongA
GetParent
GetClassNameA
GetTopWindow
GetLastActivePopup
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
CheckDlgButton
SendDlgItemMessageA
IsWindowEnabled
SetWindowTextA
IsDialogMessageA
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetMenuStringA
GetMenuState
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
ClientToScreen
GetWindowThreadProcessId
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
CharUpperA
SetRectEmpty
GetKeyNameTextA
MapVirtualKeyA
InflateRect
IntersectRect
PostQuitMessage
GetMessageA
TranslateMessage
ShowOwnedPopups
SetCursor
DestroyMenu
GetMenuItemInfoA
CopyImage
GetSysColorBrush
LoadCursorA
RealChildWindowFromPoint
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
DestroyIcon
LoadImageW
DeleteMenu
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
GetMenu
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
GetMessageTime
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
EnableWindow
GetSysColor
CopyRect
GetWindowLongA
GetActiveWindow
InvalidateRect
LoadBitmapW
SendMessageA
GetClientRect
FillRect
ReleaseDC
GetWindowDC
GetWindowRect
SetRect
GetSystemMetrics
PtInRect
SystemParametersInfoA
GetWindow
GetDlgCtrlID
IsWindow
SetTimer
SetForegroundWindow
OffsetRect
SetWindowRgn
GetDesktopWindow
KillTimer
SetWindowLongA
FrameRect
DrawStateA
UnregisterClassA
MessageBoxA
FindWindowA
GetMessagePos
ScreenToClient
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCapture
EndPaint
GetKeyState
GetFocus
SetFocus
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
GetCursorPos
LoadMenuW
GetSubMenu
UpdateWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
MessageBeep
DefWindowProcA
gdi32
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetBkColor
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ExcludeClipRect
MoveToEx
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
CreateFontIndirectA
SetRectRgn
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreateFontA
GetStockObject
CreateCompatibleDC
GetObjectA
StretchBlt
CreateSolidBrush
BitBlt
CreateRoundRectRgn
GetTextExtentPoint32A
SelectObject
CreateCompatibleBitmap
Rectangle
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePatternBrush
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
TextOutA
GetClipBox
CreatePen
CreateHatchBrush
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
SetTextColor
SetMapMode
GetTextFaceA
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
LPtoDP
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
oleaut32
VarBstrFromDate
VariantCopy
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysAllocString
msimg32
TransparentBlt
AlphaBlend
comctl32
_TrackMouseEvent
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
uxtheme
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
iphlpapi
GetAdaptersInfo
GetNumberOfInterfaces
libcrypto-1_1
BN_CTX_start
BN_CTX_get
EC_GROUP_new_by_curve_name
EC_GROUP_get0_order
EC_POINT_new
BN_rand_range
BN_is_zero
EC_POINT_mul
EC_POINT_get_affine_coordinates_GFp
BN_bn2binpad
BN_CTX_end
BN_CTX_free
EC_GROUP_free
EC_POINT_free
BN_CTX_new
EVP_MD_CTX_new
BN_bin2bn
EC_GROUP_get0_generator
EC_POINT_set_affine_coordinates_GFp
EVP_sm4_ecb
EVP_sm4_cbc
EVP_sm4_cfb128
BN_CTX_secure_new
EVP_sm3
EVP_DigestInit_ex
EVP_DigestUpdate
EVP_DigestFinal_ex
EVP_MD_CTX_free
BN_set_word
BN_mod_add
BN_add
BN_cmp
BN_mod_inverse
BN_mul
BN_mod_sub
BN_mod_mul
EC_POINT_add
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_new
EVP_DecryptFinal_ex
EVP_DecryptUpdate
EVP_DecryptInit_ex
EVP_EncryptFinal_ex
EVP_EncryptUpdate
EVP_CIPHER_CTX_set_padding
EVP_EncryptInit_ex
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipSetInterpolationMode
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
shell32
SHAppBarMessage
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
Exports
(none listed)
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 437KB - Virtual size: 437KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 231KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 146KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
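Three things in the static data above are what a reviewer would pull out: the empty Authenticode directory (the one signature that fired), the DllCharacteristics mitigations (DYNAMIC_BASE and NX_COMPAT set, no GUARD_CF), and the section table, where a sixth section named .rmnet is both writable and executable and sits after .reloc. The MSVC linker never emits a section like that on its own; an appended RWX code section is the classic footprint of a file infector patching a host binary, and .rmnet is the section name associated with the Ramnit infector, which would make the big MFC/GUI import set the host program rather than the payload. The script below is an added example, not part of the sandbox report or of any tool it uses: it parses the COFF header, the optional header and the section table with the standard library only and prints those three checks. With no argument it runs against a constructed minimal PE32 DLL built in memory to mirror this report's headers (DYNAMIC_BASE|NX_COMPAT, no security directory, six sections ending in an RWX .rmnet); the section sizes, RVAs and the MSVC_SECTIONS allow-list are assumptions, and no section bodies are included because only headers are read.

```python
"""Static PE header triage with the standard library only (added example).
Reports Authenticode presence (IMAGE_DIRECTORY_ENTRY_SECURITY), the
DllCharacteristics mitigations, and sections with flags MSVC never emits."""
import struct
import sys

IMAGE_FILE_DLL = 0x2000
DLLCHAR = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE",
           0x0100: "NX_COMPAT", 0x4000: "GUARD_CF"}  # ascending, for stable output
SCN_CODE, SCN_INIT, SCN_DISCARD = 0x00000020, 0x00000040, 0x02000000
SCN_EXEC, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
SECURITY_DIR = 4  # data directory 4: file offset + size of the WIN_CERTIFICATE blob
# Assumption: names the MSVC toolchain itself emits; anything else deserves a look
MSVC_SECTIONS = {".text", ".rdata", ".data", ".idata", ".rsrc", ".reloc",
                 ".tls", ".bss", ".pdata", ".gfids", ".00cfg", ".textbss"}


def parse_pe(data: bytes) -> dict:
    """Return DLL flag, DllCharacteristics names, signature presence and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    _, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24  # 4-byte signature + 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dd_off = opt + (96 if magic == 0x10B else 112)  # PE32+ widens ImageBase/stack/heap
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in both formats
    ndirs = struct.unpack_from("<I", data, dd_off - 4)[0]   # NumberOfRvaAndSizes
    cert_size = 0 if ndirs <= SECURITY_DIR else struct.unpack_from(
        "<II", data, dd_off + 8 * SECURITY_DIR)[1]
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "characteristics": chars})
    return {"is_dll": bool(fchars & IMAGE_FILE_DLL), "signed": cert_size != 0,
            "dllcharacteristics": [n for b, n in DLLCHAR.items() if dllchars & b],
            "sections": sections}


def triage(data: bytes) -> dict:
    """parse_pe() plus the findings a reviewer would raise from the headers alone."""
    info = parse_pe(data)
    findings = []
    if not info["signed"]:
        findings.append("no embedded Authenticode signature (security directory empty)")
    for m in ("DYNAMIC_BASE", "NX_COMPAT"):
        if m not in info["dllcharacteristics"]:
            findings.append(f"{m} not set")
    past_tail = False  # true once .rsrc/.reloc seen; MSVC places all code before them
    for s in info["sections"]:
        c, n = s["characteristics"], s["name"]
        if c & SCN_EXEC and c & SCN_WRITE:
            findings.append(f"{n}: writable and executable")
        if n not in MSVC_SECTIONS:
            findings.append(f"{n}: non-standard section name")
        if past_tail and c & SCN_EXEC:
            findings.append(f"{n}: executable section appended after .rsrc/.reloc")
        past_tail = past_tail or n in (".rsrc", ".reloc")
    info["findings"] = findings
    return info


def build_sample(signed: bool = False) -> bytes:
    """Constructed PE32 DLL headers mirroring the report (sizes/RVAs assumed, no bodies)."""
    secs = [(b".text", SCN_CODE | SCN_EXEC | SCN_READ), (b".rdata", SCN_INIT | SCN_READ),
            (b".data", SCN_INIT | SCN_READ | SCN_WRITE), (b".rsrc", SCN_INIT | SCN_READ),
            (b".reloc", SCN_INIT | SCN_DISCARD | SCN_READ),
            (b".rmnet", SCN_CODE | SCN_EXEC | SCN_READ | SCN_WRITE)]
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x2102)  # i386; EXE|32BIT|DLL
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<H", opt, 70, 0x40 | 0x100)  # DYNAMIC_BASE | NX_COMPAT
    struct.pack_into("<I", opt, 92, 16)            # NumberOfRvaAndSizes
    if signed:  # pretend a WIN_CERTIFICATE blob sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x1000, 0x800)
    table, rva, raw = b"", 0x1000, 0x400
    for name, chars in secs:
        vsize, rsize = (0xF000, 0xE000) if name == b".rmnet" else (0x1000, 0x1000)
        table += struct.pack("<8sIIIIIIHHI", name, vsize, rva, rsize, raw, 0, 0, 0, 0, chars)
        rva, raw = rva + 0x10000, raw + rsize
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew -> 0x40
    return dos + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    r = triage(blob)
    print(f"dll={r['is_dll']} signed={r['signed']} mitigations={r['dllcharacteristics']}")
    for s in r["sections"]:
        print(f"  {s['name']:<8} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} "
              f"chars={s['characteristics']:#010x}")
    for f in r["findings"]:
        print("  !", f)
```

Run it with a path to triage a real file; without one it reports on the constructed headers, flagging .rmnet three times and the missing signature once. The security-directory check only says whether a WIN_CERTIFICATE blob is embedded, not whether it validates, and catalog-signed Windows binaries show as unsigned here as well, so treat "unsigned" exactly as the report does: a property to note, not a conclusion.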