8650c02a1a7688f719981663b86849a44b388569529270ba350d38e0272379d9

Sharing

Copy URL Twitter E-mail

General

Target

8650c02a1a7688f719981663b86849a44b388569529270ba350d38e0272379d9
Size

198KB
MD5

11d7252081c4e2e71da7616ec1a2ca39
SHA1

fd45558e59a381f51769ca31737b42976e827585
SHA256

8650c02a1a7688f719981663b86849a44b388569529270ba350d38e0272379d9
SHA512

ad6ed2d1c1d4aca100bec5c026cb24aa97d21e34240a2a963c5702bb10c1872c2e0450b8af09a965dbc5a93adf22056fc3fa2db388bdd520fa7ff4327c0dec61
SSDEEP

3072:MiJiEOScug0uch8bFqOucH79ayZKgNX7CxBzVKvmYz22yz/6/f/H:lINug0u3ooygNX72N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8650c02a1a7688f719981663b86849a44b388569529270ba350d38e0272379d9

Files

8650c02a1a7688f719981663b86849a44b388569529270ba350d38e0272379d9
.dll windows:6 windows x86 arch:x86

614576a1615ca095a3d660cb587485e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
LeaveCriticalSection
GetProcessHeap
HeapDestroy
DecodePointer
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
SetLastError
GetSystemTimeAsFileTime
OutputDebugStringW
GetThreadPriority
SetThreadPriority
GetCurrentThread
SetEvent
GetTickCount64
TerminateProcess
GetCurrentProcess
CloseHandle
IsDebuggerPresent
WaitForSingleObject
CreateEventW
GlobalUnlock
GlobalLock
GetVersionExW
GlobalSize
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetProcAddress
lstrlenW
InitializeCriticalSection

user32

MessageBoxW
SetWindowTextW
PostMessageW
SendMessageW
DestroyWindow
InvalidateRect
DefWindowProcW
GetClassInfoExW
RegisterClassExW
GetParent
LoadCursorW
RegisterClassW
GetDlgItemInt
CopyRect
AdjustWindowRect
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
WindowFromPoint
EndDialog
DialogBoxParamW
SetWindowLongW
FillRect
EnableWindow
DrawTextW
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
UnregisterClassW
GetSysColor
SetWindowPos
EndPaint
BeginPaint
UpdateWindow
GetDlgItem
DrawEdge
GetKeyState
GetClipboardData
IntersectRect
CreateDialogParamW
ShowWindow
LoadIconW
IsWindowEnabled
CallWindowProcW
CloseClipboard
OpenClipboard
SetFocus
GetWindowRect
MapWindowPoints
GetClientRect
BeginDeferWindowPos
DeferWindowPos
IsZoomed
EndDeferWindowPos
MapDialogRect
AdjustWindowRectEx
CreateWindowExW

gdi32

GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
SelectObject
SetTextColor
SetBkMode
GetObjectW

advapi32

CryptGetHashParam
CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
CryptCreateHash
CryptHashData

shared

??0uCallStackTracker@@QAE@PBD@Z
_ModalDialog_PokeExisting@0
_stricmp_utf8@8
_ModalDialog_CanCreateNew@0
_uSetDlgItemText@12
_uGetDlgItemText@12
_ModalDialog_Switch@4
_GetInfiniteWaitEvent@0
_uGetWindowText@8
_uSetWindowText@8
_uExceptFilterProc@4
_stricmp_utf8_ex@16
_uBugCheck@0
_uFormatSystemErrorMessage@8
??1uCallStackTracker@@QAE@XZ
_uPrintCrashInfo_OnEvent@8

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ

vcruntime140

strstr
memcpy
strchr
_purecall
memset
memmove
__std_exception_copy
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
_except_handler3
__std_exception_destroy
__std_terminate
__CxxFrameHandler3
memcmp

api-ms-win-crt-string-l1-1-0

wcsnlen
strncmp
_strdup
strcmp
strlen

api-ms-win-crt-heap-l1-1-0

free
malloc
_expand
_recalloc
_callnewh
realloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_errno
_crt_atexit
abort
_initterm_e
_initterm
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_cexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

lround
ceil
llround

api-ms-win-crt-utility-l1-1-0

srand
rand

uxtheme

SetWindowTheme

ole32

CoCreateInstance

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

614576a1615ca095a3d660cb587485e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shared

msvcp140

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

uxtheme

ole32

Exports

Exports

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 9KB - Virtual size: 9KB

.movehcs Size: 512B - Virtual size: 4KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 9KB - Virtual size: 9KB

.movehcs
Size: 512B - Virtual size: 4KB