ca7714b2d5594787c6983c2ecaddae5a842fc582b9b0bb99a42db9c3bdedb779

Sharing

Copy URL Twitter E-mail

General

Target

ca7714b2d5594787c6983c2ecaddae5a842fc582b9b0bb99a42db9c3bdedb779
Size

2.3MB
MD5

74e4ffb2b581c649a1b785f69df9e04f
SHA1

a140eb3393c6b6f6d87153e23101fb5f25c2889b
SHA256

ca7714b2d5594787c6983c2ecaddae5a842fc582b9b0bb99a42db9c3bdedb779
SHA512

cb9ff0dd38f8492d36dc7969fb5f43a513e17434b134708d75221da4f1c876cf5b60a2d55c661da73dd7aabd1fa2a16e23d932eff98cbc61ca75b23d029b55ee
SSDEEP

49152:umstVVlghYU5doxG/WY2YjYVcFWDXbuT1U06IY7gt:tqxw0DHQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca7714b2d5594787c6983c2ecaddae5a842fc582b9b0bb99a42db9c3bdedb779

Files

ca7714b2d5594787c6983c2ecaddae5a842fc582b9b0bb99a42db9c3bdedb779
.dll windows:6 windows x64 arch:x64

af009b86239cb510030c7d240bb3fffb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ord413
ord412
ImageList_Create
ord410
ImageList_Destroy

gdiplus

GdipCloneImage
GdipLoadImageFromStream
GdipGraphicsClear
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipCreateHICONFromBitmap
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawLineI
GdipDrawLinesI
GdipDrawImageRectI
GdiplusStartup
GdipDrawImageI
GdipDrawLines
GdipDeletePen
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetCompositingMode
GdipDrawImageRect
GdiplusShutdown
GdipCreatePen1

uxtheme

DrawThemeTextEx
GetThemePartSize
SetWindowTheme
OpenThemeData
CloseThemeData
IsThemePartDefined
DrawThemeBackground
EnableThemeDialogTexture

kernel32

AcquireSRWLockShared
DecodePointer
GetSystemInfo
VerSetConditionMask
LoadLibraryExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
WaitForMultipleObjects
WaitForSingleObject
OutputDebugStringW
GetCurrentThread
MultiByteToWideChar
GetThreadPriority
SetThreadPriority
ResumeThread
AcquireSRWLockExclusive
CreateEventW
SetEvent
ResetEvent
GetVersion
IsDebuggerPresent
GetCurrentProcess
GetSystemTimeAsFileTime
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
VerifyVersionInfoW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
InitializeCriticalSectionEx
GetCurrentThreadId
RaiseException
InitOnceComplete
InitOnceBeginInitialize
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DisableThreadLibraryCalls
ReleaseSRWLockExclusive
lstrlenW
GetTickCount64
SetLastError
ReleaseSRWLockShared
GetCurrentProcessId
GlobalSize
MulDiv
GetModuleHandleW
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount

user32

GetSysColorBrush
IsIconic
RegisterWindowMessageW
TranslateAcceleratorW
FrameRect
EnableMenuItem
GetSubMenu
LoadMenuW
IsDialogMessageW
GetMenu
GetWindowDC
GetWindow
GetIconInfo
GetDlgCtrlID
DrawFrameControl
GetWindowTextW
ValidateRect
InflateRect
PeekMessageW
UnhookWindowsHookEx
TrackPopupMenuEx
SetWindowsHookExW
keybd_event
MapWindowPoints
CallNextHookEx
SystemParametersInfoW
GetWindowThreadProcessId
IsWindow
IsChild
UpdateWindow
GetCapture
GetSystemMetrics
DrawEdge
DestroyMenu
MonitorFromPoint
EndDeferWindowPos
ScrollWindow
DeferWindowPos
BeginDeferWindowPos
CreatePopupMenu
CharUpperW
CharLowerW
GetMenuItemID
SetWindowPlacement
EnumDisplayMonitors
UnionRect
EnumThreadWindows
GetWindowPlacement
CloseClipboard
GetMenuItemCount
AdjustWindowRect
NotifyWinEvent
InvalidateRgn
SetScrollPos
SetScrollInfo
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuState
GetScrollInfo
GetMenuStringW
DrawIcon
GetMenuBarInfo
IsZoomed
MapDialogRect
SetRectEmpty
DrawFocusRect
GetWindowTextLengthW
GetClassNameW
CheckMenuRadioItem
SetMenuDefaultItem
GetSysColor
GetClipboardData
IsClipboardFormatAvailable
AdjustWindowRectEx
RegisterClipboardFormatW
TrackMouseEvent
PtInRect
GetFocus
FillRect
DrawIconEx
SetWindowTextW
MonitorFromWindow
GetActiveWindow
SetForegroundWindow
InvalidateRect
DrawTextW
ReleaseDC
GetDC
EqualRect
IntersectRect
ScrollWindowEx
EndPaint
BeginPaint
ReleaseCapture
SetCapture
SetDlgItemTextW
GetNextDlgTabItem
IsRectEmpty
DestroyIcon
LoadImageW
wsprintfW
DestroyAcceleratorTable
OpenClipboard
LoadAcceleratorsW
OffsetRect
CopyRect
GetMonitorInfoW
MonitorFromRect
GetDlgItemInt
SendDlgItemMessageW
PostMessageW
SendMessageW
GetDlgItem
AppendMenuW
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
CallWindowProcW
DestroyWindow
CreateWindowExW
RegisterClassExW
GetClassInfoExW
LoadCursorW
TrackPopupMenu
RegisterClassW
UnregisterClassW
SetDlgItemInt
MessageBeep
SetCursor
WindowFromPoint
GetCursorPos
BringWindowToTop
IsWindowVisible
GetKeyState
EnableWindow
SetWindowLongW
IsWindowEnabled
SetLayeredWindowAttributes
KillTimer
ShowWindow
SetTimer
SetWindowPos
ClientToScreen
GetClientRect
GetWindowLongW
GetParent
GetMessagePos
RedrawWindow
ScreenToClient
GetWindowRect
SetFocus
CreateDialogParamW

gdi32

GetCurrentObject
SetTextAlign
SetWindowOrgEx
OffsetWindowOrgEx
LPtoDP
GetTextMetricsW
FrameRgn
CreatePolygonRgn
OffsetRgn
CreatePen
CreateRectRgn
DeleteObject
SetTextColor
SetBkColor
CombineRgn
CreateRectRgnIndirect
GetStockObject
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
SetDCBrushColor
BitBlt
StretchBlt
FillRgn
SetBkMode
ExtTextOutW
CreateFontIndirectW
SetViewportOrgEx
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
SetDCPenColor
LineTo
MoveToEx
IntersectClipRect
SelectClipRgn
GetClipRgn
CreateDIBSection
GetTextColor
GetBkColor
GetDeviceCaps
RestoreDC
SaveDC
DeleteDC

shell32

ord74

ole32

OleInitialize
CoCreateGuid
OleUninitialize
CreateStreamOnHGlobal
DoDragDrop
OleSetClipboard
ReleaseStgMedium
OleGetClipboard
RegisterDragDrop
RevokeDragDrop
CoCreateInstance

shared

??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
uGetOpenFileName
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uGetTempFileName
uGetTempPath
uPrintfV
uGetWindowText
uAppendMenu
PokeWindow
uGetDlgItemText
uSetDlgItemText
uSetWindowText
stricmp_utf8
uExceptFilterProc
uSendMessageText
stricmp_utf8_ex
uPrintCrashInfo_OnEvent
uBugCheck
uGetFontHeight
uSetClipboardRawData
FindOwningPopup
?calculate_peak@audio_math@@YANPEBN_K@Z
?g_from_system@t_font_description@@SA?AU1@H@Z
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
?popup_dialog@t_font_description@@QEAA_NPEAUHWND__@@@Z
uChooseColor
uShellExecute
uBrowseForFolder
ModalDialog_Switch
uFixAmpersandChars_v2
uDragQueryFileCount
uDragQueryFile
uGetModuleFileName
uGetTextExtentPoint32
uFixAmpersandChars
uLoadImage
uShellNotifyIconEx
uShellNotifyIcon
uAddStringUpper
GetInfiniteWaitEvent
uFormatSystemErrorMessage
uCharLower
uGetMenuItemType
uGetMenuString
uModifyMenu
?scale@audio_math@@YAXPEBN_KPEANN@Z
uStringCompare

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?_Xlength_error@std@@YAXPEBD@Z
_Thrd_hardware_concurrency
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z

shlwapi

StrCmpLogicalW
SHAutoComplete
ord12

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler
memmove
strchr
memcpy
__std_exception_copy
__std_exception_destroy
__std_terminate
memchr
memset
memcmp
wcschr
strstr
__current_exception
__current_exception_context
_CxxThrowException
_purecall
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

_strdup
_wcsicmp
wcscmp
strncmp
strlen
_wcsnicmp
wcscat_s
wcscpy_s
strncpy_s
wcsncpy_s
wcslen
strcmp
wcsnlen
tolower

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initialize_narrow_environment
terminate
abort
_initialize_onexit_table
_register_onexit_function
_configure_narrow_argv
_resetstkoflw
_execute_onexit_table
_crt_atexit
_initterm
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_beginthreadex
_errno
_cexit
_invalid_parameter_noinfo

api-ms-win-crt-heap-l1-1-0

_aligned_free
_recalloc
realloc
_expand
malloc
free
_aligned_malloc
_callnewh
_aligned_realloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vswprintf_s

api-ms-win-crt-utility-l1-1-0

rand
srand
labs

api-ms-win-crt-math-l1-1-0

cos
floor
pow
llround
log
ceil
fmod
exp
sin
log10
tanh
lround
ceilf
fabs
sqrt

api-ms-win-crt-convert-l1-1-0

atoi
_atoi64

advapi32

RegGetValueW

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af009b86239cb510030c7d240bb3fffb

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

gdiplus

uxtheme

kernel32

user32

gdi32

shell32

ole32

shared

msvcp140

shlwapi

msimg32

dwmapi

vcruntime140_1

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

advapi32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 342KB - Virtual size: 342KB

.data Size: 43KB - Virtual size: 48KB

.pdata Size: 88KB - Virtual size: 88KB

.rsrc Size: 174KB - Virtual size: 173KB

.reloc Size: 27KB - Virtual size: 26KB

.movehcs Size: 4KB - Virtual size: 8KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 342KB - Virtual size: 342KB

.data
Size: 43KB - Virtual size: 48KB

.pdata
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 174KB - Virtual size: 173KB

.reloc
Size: 27KB - Virtual size: 26KB

.movehcs
Size: 4KB - Virtual size: 8KB