df24b34b8076c99d73124eb32c27e94b203c444d6f7789d07aa5afb00379dbda

Sharing

Copy URL Twitter E-mail

General

Target

df24b34b8076c99d73124eb32c27e94b203c444d6f7789d07aa5afb00379dbda
Size

3.4MB
MD5

1512ecb8034e3d737313bf2535837132
SHA1

03ee275cc1004f30bf9c9bc0f8021867b03454f1
SHA256

df24b34b8076c99d73124eb32c27e94b203c444d6f7789d07aa5afb00379dbda
SHA512

d66d6952c1d21f564e1e085a199dd21bfd1e7db6b58cab561c03ab4c874bfeca7f3285f06af924114cb8a85d7b15f2146f20a77c358ad3723783cb13c3d43838
SSDEEP

49152:rdoUV2cu2HmduHwZOmHykaZjZfGLGzoFnxSXUDQ+1RDusb1k7ubbFn9iujQV3vwp:z2H/WKrkZfGZSXUEkZuek7WbFpD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df24b34b8076c99d73124eb32c27e94b203c444d6f7789d07aa5afb00379dbda

Files

df24b34b8076c99d73124eb32c27e94b203c444d6f7789d07aa5afb00379dbda
.dll windows:6 windows x86 arch:x86

7bdfed26ef39cc791b27abab060913b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
LocalFree
CreateThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointer
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MoveFileW
lstrlenW
lstrcmpW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
GetWindowsDirectoryW
GetLocalTime
OpenProcess
GetStartupInfoW
CreateProcessW
GetCurrentThreadId
GetCurrentThread
CreateRemoteThread
GetCurrentProcessId
CreateMutexW
OutputDebugStringW
GetTempPathW
WriteFile
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
ReadFile
GetFileSizeEx
GetFileSize
GetFileAttributesW
CreateFileA
GetCommandLineW
MoveFileExW
WaitForMultipleObjects
Sleep
LeaveCriticalSection
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
EnterCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrcpyW
LoadLibraryW
GetModuleFileNameW
FreeLibrary
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetEvent
DeleteFileW
ReadDirectoryChangesW
CancelIo
PostQueuedCompletionStatus
FindFirstFileW
CreateIoCompletionPort
CloseHandle
CreateFileW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
GetVersionExW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
FlushFileBuffers
GetSystemWindowsDirectoryW
InterlockedCompareExchange
GetSystemDirectoryW
lstrcmpiA
lstrcmpA
InitializeSListHead
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsBadReadPtr
ResetEvent
GetQueuedCompletionStatus
FindClose
ResumeThread
GetTempFileNameW
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
GetVersion
ExitProcess
GetACP
FreeResource
MulDiv
FindNextFileA
ReleaseMutex
OpenFileMappingW
LoadLibraryExW
IsDebuggerPresent
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
DeviceIoControl
SetLastError
AreFileApisANSI
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
DuplicateHandle
TryEnterCriticalSection
FormatMessageW
GetStringTypeW
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer

user32

FillRect
DrawFocusRect
RemovePropW
IsWindowEnabled
FindWindowExW
CreateAcceleratorTableW
InvalidateRgn
RegisterClassExW
DefWindowProcW
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
GetWindow
SendMessageW
CharLowerBuffW
SetWindowLongW
GetWindowLongW
ScreenToClient
DestroyWindow
PostQuitMessage
UnhookWinEvent
SetWinEventHook
GetWindowTextW
IsIconic
IsWindowVisible
FindWindowW
GetDesktopWindow
PtInRect
CopyRect
KillTimer
SetTimer
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
GetWindowThreadProcessId
GetClassNameW
GetCursorPos
SetForegroundWindow
EnumWindows
GetForegroundWindow
BringWindowToTop
SetWindowPos
MoveWindow
IsWindow
AttachThreadInput
wsprintfW
PostThreadMessageW
PeekMessageW
GetMessageW
GetWindowRect
GetShellWindow
GetDlgCtrlID
DestroyIcon
MonitorFromWindow
ChangeWindowMessageFilter
CreateWindowExW
GetDC
ReleaseDC
MonitorFromPoint
PostMessageW
IsChild
UpdateLayeredWindow
IsZoomed
GetMessagePos
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
CreateCaret
GetCaretBlinkTime
SetCaretPos
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
GetParent
CharPrevW
DrawTextW
SetRect
LoadImageW
DrawIconEx
GetIconInfo
wvsprintfW
SetCursor
InflateRect
OffsetRect
LoadCursorW
CallWindowProcW
RegisterClassW
GetClassInfoExW
ShowWindow
EnableWindow
SetPropW
GetPropW
SetWindowRgn
MessageBoxW
HideCaret
ShowCaret
ClientToScreen
GetSysColor
GetWindowDC
SetWindowTextW
GetWindowTextLengthW
CharNextW

gdi32

SetWindowOrgEx
CombineRgn
CreateRectRgnIndirect
CreateRoundRectRgn
GetCharABCWidthsW
GetClipBox
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
SetDIBColorTable
GetObjectW
ExtTextOutW
CreateDCW
GetDIBits
SetDIBitsToDevice
CreateSolidBrush
GetTextColor
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
GetTextMetricsW
SaveDC
RestoreDC
Rectangle
GetStockObject
TextOutW
DeleteObject
CreatePen

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegGetValueW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetFileInfoW
ord727
SHFileOperationW
ord155
SHGetPathFromIDListW
SHGetFolderLocation
SHGetKnownFolderPath
SHGetDesktopFolder
SHOpenWithDialog
SHChangeNotify
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW
ord165

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize

oleaut32

VariantClear
SafeArrayCreate
SafeArrayPutElement
VariantInit
SysAllocString

shlwapi

StrStrIA
SHAutoComplete
PathCombineW
PathFileExistsW
StrStrIW
wnsprintfW
PathRemoveFileSpecW
PathAppendW
PathIsDirectoryW
StrFormatByteSizeW
StrRetToStrW
StrTrimA
PathFindFileNameW
SHGetValueW
StrCmpIW
SHDeleteKeyW
SHDeleteValueW
SHSetValueW
ord176
SHGetValueA
SHSetValueA
StrCmpNIW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

crypt32

CertGetNameStringW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

gdiplus

GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAddPathArc
GdipDrawEllipseI
GdipLoadImageFromFile
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipBitmapLockBits

msimg32

AlphaBlend
GradientFill

comctl32

ImageList_DrawEx
_TrackMouseEvent
ord17
ImageList_GetIconSize
InitCommonControlsEx

Exports

Exports

CreateTrayClient

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bdfed26ef39cc791b27abab060913b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

version

wininet

iphlpapi

crypt32

wintrust

gdiplus

msimg32

comctl32

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 326KB - Virtual size: 325KB

.data Size: 31KB - Virtual size: 49KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 95KB - Virtual size: 94KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 326KB - Virtual size: 325KB

.data
Size: 31KB - Virtual size: 49KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 95KB - Virtual size: 94KB