8ef44dd17f7acbfd3295d33ecfd93099c1c591f8531596d8826468dd895b5cfa

Sharing

Copy URL Twitter E-mail

General

Target

8ef44dd17f7acbfd3295d33ecfd93099c1c591f8531596d8826468dd895b5cfa
Size

1.2MB
MD5

690ec3c68641475f4642534be9b66a82
SHA1

3c6d5a30f2a36467018bf9d9a2ac5b1c39739d3a
SHA256

8ef44dd17f7acbfd3295d33ecfd93099c1c591f8531596d8826468dd895b5cfa
SHA512

62857dfcf704a2472924bd5804b25811427d4caafb2bff73e17cf75a16b65c9b5a5bcba644e4c6e3401b962184fc7224c45a27466a12b931fad035bbb11b0aa5
SSDEEP

24576:5JKx2FngvqO0WzeURYtpRImiYiC2ge4dNpTvYhHSDlLJ:5JLO0o+Ig/w4dNpTgclLJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef44dd17f7acbfd3295d33ecfd93099c1c591f8531596d8826468dd895b5cfa

Files

8ef44dd17f7acbfd3295d33ecfd93099c1c591f8531596d8826468dd895b5cfa
.exe windows:5 windows x86 arch:x86

2a33d352015295890097faa3dab82cf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

libcef

cef_browser_host_create_browser
cef_v8context_get_current_context
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_function
cef_task_runner_get_for_thread
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_drag_data_create
cef_string_multimap_alloc
cef_string_multimap_free
cef_get_extensions_for_mime_type
cef_quit_message_loop
cef_run_message_loop
cef_shutdown
cef_initialize
cef_stream_reader_create_for_file
cef_stream_writer_create_for_handler
cef_execute_process
cef_register_extension
cef_post_delayed_task
cef_post_task
cef_currently_on
cef_api_hash
cef_command_line_get_global
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_string_list_free
cef_string_list_alloc
cef_cookie_manager_get_global_manager
cef_process_message_create
cef_string_userfree_utf16_free
cef_log
cef_string_utf16_set
cef_string_ascii_to_utf16
cef_string_wide_to_utf8
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf8_to_utf16
cef_string_utf16_clear

opengl32

glVertex2f
glTexSubImage2D
glTexParameteri
glTexImage2D
wglCreateContext
glTexEnvf
glRotatef
glPushMatrix
glPushAttrib
glViewport
glPopAttrib
glPixelStorei
glOrtho
glMatrixMode
glLoadIdentity
glLineWidth
glInterleavedArrays
glBindTexture
glVertex2i
glHint
glGenTextures
glBegin
glPopMatrix
glBlendFunc
glClear
glEnd
glEnable
glDrawArrays
glDisable
glDeleteTextures
wglDeleteContext
glColor4f
glColor3f
glClearColor
wglMakeCurrent

gdiplus

GdiplusShutdown
GdiplusStartup

kernel32

GetStdHandle
GetModuleHandleExW
ExitProcess
RemoveDirectoryW
GetFullPathNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
CreateDirectoryW
GetFileAttributesExW
DeleteFileW
RtlUnwind
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
GetProcAddress
OpenProcess
GetCurrentProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
IsDebuggerPresent
WaitForMultipleObjects
CloseHandle
DuplicateHandle
CreateEventW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
CreateProcessW
SearchPathW
LocalFree
DecodePointer
LockResource
FreeLibrary
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
TerminateProcess
RaiseException
CreateThread
GetLastError
DeleteCriticalSection
Sleep
LoadResource
SizeofResource
LoadLibraryW
LoadLibraryExA
GetModuleFileNameA
OutputDebugStringA
OutputDebugStringW
FindResourceW
FindResourceExW
GetLocalTime
WaitForSingleObject
GetCommandLineW
GetTempPathW
GetFileAttributesW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
lstrcpynW
lstrcatW
lstrlenW
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
FindClose
GetEnvironmentVariableW
FindFirstFileW
FindNextFileW
SetEnvironmentVariableW
GetWindowsDirectoryW
GetFileAttributesA
GetTickCount
GetPrivateProfileIntW
GetPrivateProfileStringW
SetLastError
SetErrorMode
GetEnvironmentVariableA
SetEnvironmentVariableA
VirtualProtect
VirtualFree
InterlockedCompareExchange
VirtualAlloc
GetCurrentThread
FlushInstructionCache
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
CreateFileW
SetFileAttributesW
FlushFileBuffers
InitializeCriticalSection
ResetEvent
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
QueryPerformanceCounter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
EncodePointer
GetStringTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WriteConsoleW
GetACP
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetCurrentDirectoryW
SetStdHandle
SetEvent

user32

BeginPaint
EndPaint
SetPropW
GetPropA
SetCursor
GetCursorPos
GetDC
ClientToScreen
ScreenToClient
WindowFromPoint
ReleaseDC
PtInRect
SetClassLongW
GetParent
GetWindowThreadProcessId
LoadCursorW
LoadIconW
GetAncestor
GetMessagePos
SendMessageW
OffsetRect
IsRectEmpty
EqualRect
FindWindowExW
MessageBoxW
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClipboardFormatW
LoadCursorA
UnionRect
RegisterWindowMessageW
PostMessageA
IsWindow
SetWindowPos
IsZoomed
SetPropA
GetPropW
GetClientRect
GetWindowRect
GetWindowLongW
SetWindowLongW
SetParent
TrackMouseEvent
GetMessageTime
DefWindowProcW
GetDoubleClickTime
RegisterClassExW
CreateWindowExW
IsChild
DestroyWindow
IsWindowVisible
SetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
GetSystemMetrics
GetClassNameW

gdi32

GetDeviceCaps
DeleteObject
CreateRectRgn
PtInRegion
CombineRgn
SwapBuffers
SetRectRgn
ChoosePixelFormat
SetPixelFormat

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

DragFinish
ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
DragQueryFileW

ole32

OleUninitialize
OleInitialize
ReleaseStgMedium
DoDragDrop
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc

oleaut32

SysAllocString

shlwapi

StrStrIW
PathAppendA
PathRemoveFileSpecA
PathFileExistsW
PathAppendW
PathRemoveFileSpecW

ws2_32

ntohl
WSAStartup
socket
htons
htonl
closesocket
WSACleanup
bind

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

Sections

.text
Size: 806KB - Virtual size: 806KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared_
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

}�Hg�uF
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a33d352015295890097faa3dab82cf3

Headers

DLL Characteristics

File Characteristics

Imports

libcef

opengl32

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

version

Sections

.text Size: 806KB - Virtual size: 806KB

.rdata Size: 294KB - Virtual size: 294KB

.data Size: 14KB - Virtual size: 33KB

.shared_ Size: 512B - Virtual size: 1B

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 43KB - Virtual size: 43KB

}�Hg�uF Size: 16KB - Virtual size: 20KB

.text
Size: 806KB - Virtual size: 806KB

.rdata
Size: 294KB - Virtual size: 294KB

.data
Size: 14KB - Virtual size: 33KB

.shared_
Size: 512B - Virtual size: 1B

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 43KB - Virtual size: 43KB

}�Hg�uF
Size: 16KB - Virtual size: 20KB