10a55a54412d4891891db9af09e2ef876258c6f984b07ca88cb4443f5e72fa80

Sharing

Copy URL Twitter E-mail

General

Target

10a55a54412d4891891db9af09e2ef876258c6f984b07ca88cb4443f5e72fa80
Size

11.7MB
MD5

bced1f6a4a7625d57d251d6ef55f9c78
SHA1

d06acb18a104b6af6375e7f950132ce226fde8e1
SHA256

10a55a54412d4891891db9af09e2ef876258c6f984b07ca88cb4443f5e72fa80
SHA512

7b47e5fbcb214187c8c2bfc76139d3d1d5de33082603513403c583fa1920d52d33344463853d3e8e0ab359a0e0338599c7423e67de2a9408525f8580b43200b3
SSDEEP

196608:Akvw710pKnof1mU7AyXBYBY+lkkqHHbx0:Akvw71VU7A+B6Y+lkZbx0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a55a54412d4891891db9af09e2ef876258c6f984b07ca88cb4443f5e72fa80

Files

10a55a54412d4891891db9af09e2ef876258c6f984b07ca88cb4443f5e72fa80
.exe windows:6 windows x86 arch:x86

8e8e4056f79e875dc6a800caa3ecf195

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAcceleratorA
CallWindowProcA
CharPrevA
RegisterClassA
SetMenuItemInfoW
GetMenuState
GetMenuItemID
RemoveMenu
InsertMenuA
SetMenuItemInfoA
CreateDialogParamA
GetKeyboardState
SetRectEmpty
GetSystemMenu
SetWindowRgn
LoadMenuA
TrackPopupMenu
GetMenuStringA
ModifyMenuA
LoadAcceleratorsA
AnimateWindow
MonitorFromWindow
GetWindowTextW
GetSysColor
GetMonitorInfoA
GetClassNameA
IsWindow
AdjustWindowRectEx
OpenClipboard
MessageBoxA
GetDlgCtrlID
SetParent
GetParent
IsChild
GetWindow
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
SetFocus
SetCapture
SetActiveWindow
IsWindowEnabled
RedrawWindow
IsWindowVisible
InvalidateRgn
DialogBoxParamW
MessageBeep
SendDlgItemMessageW
SetDlgItemTextW
EndDialog
SetWindowTextW
LoadIconA
InvalidateRect
EndPaint
BeginPaint
GetWindowRect
SetWindowPos
SetClassLongA
CloseClipboard
SetClipboardData
EmptyClipboard
CallWindowProcW
CreateWindowExW
GetCapture
PostMessageW
PostMessageA
CharNextExA
LoadIconW
SetTimer
GetCursorPos
GetDlgItem
MoveWindow
IsIconic
CheckDlgButton
SendMessageW
EnableWindow
ShowWindow
IsDlgButtonChecked
SendDlgItemMessageA
CopyRect
OffsetRect
SetRect
CharNextW
DrawMenuBar
SetMenu
GetMenu
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SendMessageA
GetKeyState
SetCursor
MessageBoxW
RegisterClassExW
wsprintfW
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
DialogBoxIndirectParamW
DefWindowProcA
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
FillRect
GetFocus
DestroyWindow
CreateWindowExA
GetWindowLongW
GetWindowLongA
SetWindowLongW
SetWindowLongA
TranslateMessage
PeekMessageA
UnregisterClassA
DispatchMessageA
GetMessageA
GetSystemMetrics
SystemParametersInfoA
GetRawInputData
RegisterRawInputDevices
ReleaseDC
GetDC
PtInRect
wvsprintfW
wvsprintfA
wsprintfA
CharNextA
GetAsyncKeyState
GetActiveWindow
GetForegroundWindow
DestroyAcceleratorTable
ScreenToClient
ClientToScreen
SetCursorPos
GetClientRect
LoadAcceleratorsW
LoadMenuW
FindWindowW
PostQuitMessage
CheckMenuItem
DeleteMenu
EnableMenuItem
GetSubMenu
GetMenuItemCount
DialogBoxParamA
GetCursor
ModifyMenuW
DefWindowProcW
MonitorFromRect
SetForegroundWindow
DestroyMenu
TrackPopupMenuEx
AppendMenuW
CreatePopupMenu
GetAncestor
KillTimer
CreateDialogParamW

gdi32

CreateDCA
SetTextColor
SetBkMode
SetBkColor
CreateRectRgn
GetTextExtentPoint32A
GetStockObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
GetObjectA
GetOutlineTextMetricsA
DeleteObject
GetTextMetricsA
SelectObject
CreateFontIndirectA
BitBlt

comdlg32

ChooseFontA

shell32

ShellExecuteA
ShellExecuteW
SHGetFolderPathA
SHCreateDirectoryExW
SHGetFolderPathW
Shell_NotifyIconA

imm32

ImmGetContext
ImmSetOpenStatus
ImmGetOpenStatus

msacm32

acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest
acmStreamOpen

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

dsetup

ord11

ole32

OleInitialize
CoInitializeEx
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoUninitialize
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoSetProxyBlanket
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
OleUninitialize

oleaut32

VarUI4FromStr
VariantClear
VariantInit
LoadTypeLi
SysAllocStringLen
SysFreeString
LoadRegTypeLi
OleCreateFontIndirect
VariantChangeType
VariantCopy
SysStringLen
SysAllocString

d3dx9_43

D3DXFrameDestroy
D3DXFileCreate
D3DXGetDeclVertexSize
D3DXMatrixLookAtLH
D3DXQuaternionInverse
D3DXLoadMeshFromXInMemory
D3DXMatrixPerspectiveFovLH
D3DXQuaternionToAxisAngle
D3DXMatrixRotationZ
D3DXMatrixRotationYawPitchRoll
D3DXVec3TransformCoordArray
D3DXCreateCompressedAnimationSet
D3DXQuaternionNormalize
D3DXCreateEffect
D3DXMatrixAffineTransformation
D3DXLoadSurfaceFromFileInMemory
D3DXCreateCubeTexture
D3DXLoadSurfaceFromSurface
D3DXVec2Transform
D3DXComputeBoundingBox
D3DXVec3TransformNormalArray
D3DXPlaneFromPointNormal
D3DXComputeNormals
D3DXPlaneFromPoints
D3DXVec3Normalize
D3DXQuaternionRotationYawPitchRoll
D3DXMatrixTransformation
D3DXMatrixDecompose
D3DXVec4Transform
D3DXMatrixOrthoOffCenterLH
D3DXMatrixRotationAxis
D3DXQuaternionSlerp
D3DXVec2TransformCoord
D3DXMatrixRotationQuaternion
D3DXVec3TransformNormal
D3DXCreateTexture
D3DXVec3Project
D3DXGetImageInfoFromFileInMemory
D3DXVec3TransformArray
D3DXSaveTextureToFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXFrameFind
D3DXLoadMeshHierarchyFromXInMemory
D3DXFrameRegisterNamedMatrices
D3DXBoxBoundProbe
D3DXIntersectSubset
D3DXGetDeclLength
D3DXVec2TransformCoordArray
D3DXSaveSurfaceToFileW
D3DXQuaternionMultiply
D3DXQuaternionRotationAxis
D3DXVec3ProjectArray
D3DXMatrixScaling
D3DXVec3TransformCoord
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixMultiply
D3DXCreateLine
D3DXMatrixTranslation
D3DXComputeBoundingSphere
D3DXVec3Transform
D3DXVec3UnprojectArray
D3DXPlaneIntersectLine
D3DXMatrixInverse
D3DXComputeTangent

winmm

mciGetErrorStringA
mixerOpen
mixerGetControlDetailsA
mciSendCommandA
timeGetTime
timeEndPeriod
timeBeginPeriod
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerGetNumDevs
mixerClose
mixerSetControlDetails

shlwapi

PathCombineW
PathRemoveBackslashA
PathRemoveFileSpecA
PathAddBackslashA
PathRemoveExtensionA
PathCombineA
PathCanonicalizeA
PathIsRelativeA
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathFindExtensionA
PathIsRelativeW
PathIsUNCW
PathRemoveBackslashW
ord12
PathAddExtensionW
PathFileExistsA
PathRenameExtensionW
PathFindFileNameA

wininet

InternetOpenA
InternetSetStatusCallback
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetQueryDataAvailable
InternetReadFile
InternetAttemptConnect
HttpEndRequestA
HttpSendRequestExA
HttpAddRequestHeadersA
HttpSendRequestA
HttpOpenRequestA
InternetWriteFile
InternetOpenUrlA

gdiplus

GdipFree
GdipAlloc
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipDisposeImage
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateFromHWND
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipFlush
GdipSetTextRenderingHint
GdipSetPageUnit
GdipSetPageScale
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipMeasureCharacterRanges
GdipCreateRegionRectI
GdipDeleteRegion
GdipGetRegionBoundsI
GdipIsEmptyRegion
GdipCreateFontFromLogfontA
GdipGetLogFontA
GdipDeleteFont
GdipGetFontSize
GdipGetFontUnit
GdipGetFontHeight
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipCreatePen1
GdipDrawLineI
GdipCreateFromHDC
GdipDeletePen

ddraw

DirectDrawCreateEx

dinput8

DirectInput8Create

xinput9_1_0

XInputGetState
XInputGetCapabilities

dsound

ord1
ord2
ord11

advapi32

RegQueryInfoKeyW
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

vcruntime140

__current_exception
strrchr
__current_exception_context
_except_handler4_common
memcmp
__uncaught_exception
_CxxThrowException
memmove
memset
memcpy
memchr
longjmp
strstr
wcschr
_setjmp3
_except_handler3
__RTDynamicCast
__RTtypeid
strchr
__std_type_info_name
_purecall
__std_type_info_compare
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3

api-ms-win-crt-multibyte-l1-1-0

_mbsstr
_mbscmp
_ismbcalnum
_mbsspnp
_mbsupr_s
_mbsinc
_mbctoupper
_ismbcspace
_mbsdec
_mbschr
_ismbblead
_mbslen
_ismbcdigit
_mbslwr
_mbsncpy_s
_mbslwr_s
_mbsnbicmp
_mbsnbcpy_s
_mbsnbcmp
_mbscat_s
_mbsicmp
_mbscspn

api-ms-win-crt-math-l1-1-0

_isnan
_libm_sse2_pow_precise
ldexp
_libm_sse2_sqrt_precise
_nextafter
_libm_sse2_cos_precise
_libm_sse2_sin_precise
frexp
_CIfmod
_hypot
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
_libm_sse2_log_precise
_libm_sse2_tan_precise
_CIatan2
_CIpow
floor
ceil
log2
_finite
_copysign
log2f
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

exit
_endthreadex
abort
_errno
_beginthreadex
_endthread
_beginthread
_configure_narrow_argv
system
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_register_thread_local_exe_atexit_callback
_c_exit
_crt_atexit
_exit
_initterm_e
_initterm
_controlfp_s
_invalid_parameter_noinfo_noreturn
_resetstkoflw
_invalid_parameter_noinfo
_cexit
terminate
_seh_filter_exe
_set_app_type
strerror
_get_narrow_winmain_command_line

api-ms-win-crt-convert-l1-1-0

atof
strtof
strtoul
atoi
_atoi64
strtol
strtod

api-ms-win-crt-heap-l1-1-0

realloc
calloc
malloc
free
_callnewh
_aligned_malloc
_aligned_free
_set_new_mode
_recalloc

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vsprintf_s
_set_fmode
__stdio_common_vswprintf_s
__stdio_common_vswprintf
fclose
__p__commode
freopen
ferror
fread
__stdio_common_vsprintf
fseek
fflush
getc
__stdio_common_vfprintf
feof
fwrite
tmpnam
clearerr
_pclose
tmpfile
__stdio_common_vsnwprintf_s
setvbuf
__stdio_common_vsnprintf_s
_popen
ungetc
_ftelli64
_fseeki64
fgets
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

_strupr
wcscspn
wcsnlen
wcsncmp
strtok_s
strpbrk
_wcsupr_s
__strncnt
wcsncpy_s
_wcsdup
islower
strtok
ispunct
iscntrl
wcscat_s
isxdigit
isupper
isgraph
iswspace
_stricmp
_strnicmp
strspn
strcoll
strcpy_s
_strupr_s
isdigit
isalpha
tolower
strcat_s
wcscpy_s
strncmp
isspace
toupper
strncat_s
isprint
strncpy
strncat
isalnum
wcsncpy
strcspn
towupper

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_collate_cp_func
___mb_cur_max_func
___lc_codepage_func
_unlock_locales
___lc_locale_name_func
_setmbcp
setlocale
_configthreadlocale
_lock_locales
__pctype_func

api-ms-win-crt-utility-l1-1-0

qsort
rand
rand_s

api-ms-win-crt-filesystem-l1-1-0

remove
rename
_makepath_s
_splitpath_s
_splitpath
_makepath

api-ms-win-crt-time-l1-1-0

_difftime64
_mktime64
_Strftime
_Gettnames
_Wcsftime
_W_Gettnames
_W_Getmonths
_W_Getdays
_Getmonths
_Getdays
strftime
_time64
_localtime64
_gmtime64
clock

api-ms-win-crt-environment-l1-1-0

getenv

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 578KB - Virtual size: 577KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ierdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xfudata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imrdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e8e4056f79e875dc6a800caa3ecf195

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comdlg32

shell32

imm32

msacm32

version

d3d9

dsetup

ole32

oleaut32

d3dx9_43

winmm

shlwapi

wininet

gdiplus

ddraw

dinput8

xinput9_1_0

dsound

advapi32

vcruntime140

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

Sections

.text Size: 5.2MB - Virtual size: 5.2MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 215KB - Virtual size: 472KB

.rsrc Size: 578KB - Virtual size: 577KB

.reloc Size: 299KB - Virtual size: 299KB

.ierdata Size: 108KB - Virtual size: 108KB

.xfudata Size: 108KB - Virtual size: 108KB

.imrdata Size: 4.0MB - Virtual size: 4.0MB

.text
Size: 5.2MB - Virtual size: 5.2MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 215KB - Virtual size: 472KB

.rsrc
Size: 578KB - Virtual size: 577KB

.reloc
Size: 299KB - Virtual size: 299KB

.ierdata
Size: 108KB - Virtual size: 108KB

.xfudata
Size: 108KB - Virtual size: 108KB

.imrdata
Size: 4.0MB - Virtual size: 4.0MB