fa008350ac45ebfa5755312278f3d4b2

Sharing

Copy URL

Twitter E-mail

General

Target

fa008350ac45ebfa5755312278f3d4b2
Size

272KB
MD5

fa008350ac45ebfa5755312278f3d4b2
SHA1

005abee893921a2933b34496bdb95f201d6f906f
SHA256

3e73fa04159434b09d4d844748c582112e20aa56b2b5c8d2aee82f6f70ff07e3
SHA512

b820fac2c3bfd2abbae5053746e3679165a3a20410cee9b782bea36ea13c7a61a378e815b09d47eb13a56e70b901c11635ff9fcd344ea244dab5372cd4d63f43
SSDEEP

6144:bEtYnUTMsfwlB138B2gEuNKaG1+4gQZl+EqNzULnH:ItCUTM+aB1zIK9jgzEqNgLnH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa008350ac45ebfa5755312278f3d4b2

Files

fa008350ac45ebfa5755312278f3d4b2
.dll windows:4 windows x86 arch:x86

c314f4ebdbf35b4cb592f75de1f56f38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHExtractIconsW
SHBindToParent
DragAcceptFiles
SHLoadNonloadedIconOverlayIdentifiers

user32

AnyPopup
AttachThreadInput
CallWindowProcA
CharNextA
CreateAcceleratorTableA
CreateWindowExA
DefWindowProcA
DestroyAcceleratorTable
DestroyWindow
DialogBoxIndirectParamA
EnableWindow
EndDialog
EndPaint
FillRect
FlashWindowEx
GetActiveWindow
GetClassInfoExA
GetClassNameA
GetClientRect
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetParent
GetSysColor
wsprintfA
WindowFromPoint
UpdateWindow
UnregisterClassA
TrackPopupMenu
SetWindowTextA
SetWindowPos
SetWindowLongA
SetWindowContextHelpId
SetFocus
SetCursor
SetCapture
SendMessageA
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClassExA
RedrawWindow
PtInRect
MessageBoxA
LockWorkStation
LoadCursorA
IsWindow
IsRectEmpty
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindow
GetSystemMenu

gdi32

SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetGraphicsMode
SetBkMode
SelectObject
RestoreDC
ModifyWorldTransform
GetStockObject
GetObjectA
GetDeviceCaps
GetBoundsRect
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap

comctl32

ord17

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

kernel32

FindResourceA
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
lstrlenW
lstrlenA
lstrcpynA
lstrcmpiA
lstrcmpA
WideCharToMultiByte
VirtualProtect
VirtualFree
VirtualAlloc
SizeofResource
SetLastError
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentThreadId

oleaut32

LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
SysFreeString
SysStringByteLen
VariantInit
SysStringLen
VarNot
VariantClear
LoadRegTypeLi

ddraw

DSoundHelp
DirectDrawCreateClipper
GetSurfaceFromDC
DDGetAttachedSurfaceLcl

Exports

Exports

CreateCubeTextureFromResourceW
CreateEffectFromResourceExA
CreateLine
CreatePRTEngine
LoadSurfaceFromResourceW
MatrixOrthoOffCenterLH
Vec3Unproject
mpegInNew

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c314f4ebdbf35b4cb592f75de1f56f38

Headers

File Characteristics

Imports

shell32

user32

gdi32

comctl32

advapi32

kernel32

oleaut32

ddraw

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 42KB - Virtual size: 43KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 42KB - Virtual size: 43KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 2KB - Virtual size: 2KB