5e924fae8b19962ce78f15975c2d270a

Sharing

Copy URL Twitter E-mail

General

Target

5e924fae8b19962ce78f15975c2d270a
Size

1.6MB
MD5

5e924fae8b19962ce78f15975c2d270a
SHA1

0cf717dd7d509b17da1cf204765b937f38ac2949
SHA256

b43088c925d25715a5b191f6fd703d88568177efb67486ab9d9f088fc363edd7
SHA512

b19d78fe339b6820049c9bb2521a67a0f739ff23b9ede44790a2affa65ebbf0efc795f85025f45ef2f3fd6b0147b22cbc635eabfd56fa9e27f300bd85e4950a9
SSDEEP

24576:GnxW9/nmoTwwEMkqdrR0yGV29Oobu1Vir7M8MQ+qxwtu4lP+RLptQUPxkxxr1JLN:DnJTwJMk+yVuORMw8Zxwtu4+vQUPx813

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Dumpper v.91.2/Dumpper.exe
unpack001/Dumpper v.91.2/JumpLittle.exe
unpack001/Dumpper v.91.2/QRCoder.dll
unpack001/Dumpper v.91.2/WpsWin.exe

Files

5e924fae8b19962ce78f15975c2d270a
.zip
Dumpper v.91.2/Dumpper.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dumpper v.91.2/JumpLittle.exe
.exe windows:4 windows x86 arch:x86

1d15063d1798e96e93f9fbb81fc51523

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

avifil32

AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamInfoW
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileW
AVIFileInit
AVIFileExit
AVIStreamRelease

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibClose

shlwapi

SHDeleteKeyW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW

crypt32

CryptProtectData
CryptUnprotectData

kernel32

GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GlobalGetAtomNameW
GetAtomNameW
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
GetCurrentDirectoryW
FindResourceExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
RtlUnwind
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
FatalAppExitA
GetCPInfo
GetTimeFormatA
GetDateFormatA
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LocalAlloc
VirtualProtect
SuspendThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
GetCurrentProcessId
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GetModuleHandleA
GetModuleHandleW
WideCharToMultiByte
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
LoadLibraryA
ExpandEnvironmentStringsA
lstrlenW
WinExec
GetWindowsDirectoryW
lstrcpyW
FormatMessageW
GetSystemDirectoryW
LocalFree
WaitForMultipleObjects
ResetEvent
SetEvent
GetLocalTime
GetCurrentThreadId
MoveFileW
CreateDirectoryW
lstrlenA
GetProcAddress
GetVersionExW
FreeLibrary
GetCurrentProcess
DuplicateHandle
ResumeThread
WaitForSingleObject
CreateEventW
GetLastError
CloseHandle
LoadLibraryW
GetModuleFileNameW
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTempPathW
GetTickCount
Sleep
DeleteFileW
InterlockedDecrement
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedIncrement
RaiseException

user32

WaitMessage
DestroyIcon
GetDialogBaseUnits
TranslateAcceleratorW
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
IsRectEmpty
GetSystemMenu
SetParent
UnionRect
SetRect
GetDCEx
LockWindowUpdate
GetAsyncKeyState
ShowOwnedPopups
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
MsgWaitForMultipleObjects
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
InflateRect
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ReleaseCapture
EqualRect
UnregisterClassA
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
DefWindowProcW
CallWindowProcW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetFocus
SetWindowPos
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
GetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetWindow
WindowFromPoint
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnhookWindowsHookEx
GetWindowTextLengthW
GetWindowTextW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
DeleteMenu
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
UnregisterClassW
GetSysColorBrush
GetDesktopWindow
GetSubMenu
RemoveMenu
LoadCursorW
CopyIcon
DestroyCursor
GetCursorPos
SetCursor
SetWindowLongW
DrawEdge
PtInRect
LoadIconW
IsIconic
DrawIcon
RedrawWindow
GetClipboardData
CloseClipboard
OpenClipboard
PostMessageW
SendMessageW
EnableWindow
SetTimer
GetSystemMetrics
GetSysColor
IsWindow
KillTimer
GetParent
InvalidateRect
GetClientRect
GetWindowRect
OffsetRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
AdjustWindowRectEx
MapDialogRect
IsWindowEnabled
DeferWindowPos

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
RectVisible
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
PtVisible
PlayMetaFile
CreatePen
ExtCreatePen
OffsetViewportOrgEx
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
EnumFontFamiliesExW
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
SetViewportOrgEx
SelectObject
GetClipRgn
SelectClipRgn
CreateFontIndirectW
PatBlt
StartDocW
GetPixel
GetObjectW
GetWindowExtEx
GetViewportExtEx
Escape
CreateRectRgn
TextOutW
GetStockObject
GetTextMetricsW
EnumMetaFile
MaskBlt
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
ExtSelectClipRgn
CreateBitmap
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
SetTextJustification
ExtTextOutW
SelectClipPath

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegFlushKey
GetLengthSid
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegCreateKeyW

shell32

DragQueryFileW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderPathW
DragFinish

ole32

ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
CreateBindCtx
CoTaskMemFree
StringFromGUID2
CLSIDFromString
CoInitialize
CoCreateGuid
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
OleDuplicateData
CoDisconnectObject
SetConvertStg

oleaut32

VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysAllocStringByteLen
SysReAllocStringLen
VarDateFromStr
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
VarDecFromStr
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
VariantInit
VariantClear
SafeArrayGetDim
SysAllocString
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayRedim
VarBstrFromDate
SafeArrayPutElement
SafeArrayAllocData
VariantChangeType
SysStringByteLen
VariantCopy
SafeArrayAllocDescriptor

Sections

.text
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 816KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dumpper v.91.2/PinList.txt
Dumpper v.91.2/QRCoder.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dumpper v.91.2/WpsWin.exe
.exe windows:5 windows x86 arch:x86

79a6d0a2f3147943a651e965147d60ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wlanapi

WlanOpenHandle
WlanCloseHandle
WlanEnumInterfaces
WlanSetProfile
WlanFreeMemory

kernel32

SetUnhandledExceptionFilter
LoadLibraryW
SetStdHandle
WriteConsoleW
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetCurrentThreadId
SetEvent
GetVersion
CreateEventW
ResetEvent
CloseHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
SetFilePointer
ReadFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
GetCommandLineW
HeapSetInformation
LCMapStringW
MultiByteToWideChar
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateFileW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapCreate
HeapSize
GetModuleFileNameW
GetLocaleInfoW
FreeEnvironmentStringsW

user32

PostThreadMessageW

ole32

CoCreateInstance
CoReleaseServerProcess
CoUninitialize
CoInitializeEx
CoWaitForMultipleHandles
StringFromGUID2
PropVariantClear
CoAddRefServerProcess

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.sdata Size: 512B - Virtual size: 122B

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 512B - Virtual size: 12B

1d15063d1798e96e93f9fbb81fc51523

Headers

File Characteristics

Imports

version

avifil32

msvfw32

shlwapi

crypt32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 616KB - Virtual size: 612KB

.rdata Size: 152KB - Virtual size: 148KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 816KB - Virtual size: 814KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 57KB - Virtual size: 57KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

79a6d0a2f3147943a651e965147d60ee

Headers

DLL Characteristics

File Characteristics

Imports

wlanapi

kernel32

user32

ole32

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 448B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.sdata
Size: 512B - Virtual size: 122B

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 616KB - Virtual size: 612KB

.rdata
Size: 152KB - Virtual size: 148KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 816KB - Virtual size: 814KB

.text
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 448B

.reloc
Size: 8KB - Virtual size: 7KB