0d849956027960cbc1295597227a8c5f70c7fd73ac14c9f8454ea8f2d4902e87

Sharing

Copy URL Twitter E-mail

General

Target

0d849956027960cbc1295597227a8c5f70c7fd73ac14c9f8454ea8f2d4902e87
Size

5.0MB
MD5

3a83c0ae5371ff12209d950211414587
SHA1

8d842f854efc4405e8166c64b9857f843c03d4f8
SHA256

0d849956027960cbc1295597227a8c5f70c7fd73ac14c9f8454ea8f2d4902e87
SHA512

b3ee23ddab056d353f6cb8ba8416f98e20dfe4508c506930ecbcbd44f3d311a713e7ac991ad019ae10fd8c4bb14bbae67ea17ef6d4fca51738d05348f51c123b
SSDEEP

98304:/iyfAsgJ74gPfyRPSyl4uWrv0IaabibMMrMIMMrMK4Mdv:/h4X7xk4uWrv0IaabiNndv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d849956027960cbc1295597227a8c5f70c7fd73ac14c9f8454ea8f2d4902e87

Files

0d849956027960cbc1295597227a8c5f70c7fd73ac14c9f8454ea8f2d4902e87
.dll windows:5 windows x64 arch:x64

a1e15f2ff50592942b11dfcf3d64aca9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Remove
ImageList_SetImageCount
ImageList_Replace
InitCommonControlsEx

kernel32

MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetConsoleWindow
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
LeaveCriticalSection
RaiseException
GetLastError
HeapSize
EnterCriticalSection
DecodePointer
WinExec
lstrlenW
DeleteCriticalSection
GetSystemDefaultUILanguage
SetLastError
QueryPerformanceCounter
GetModuleFileNameW
ExpandEnvironmentStringsW
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
SetEnvironmentVariableA
GetUserDefaultLangID
ProcessIdToSessionId
GetComputerNameExW
WaitNamedPipeW
CreateNamedPipeW
MoveFileExW
FindNextFileW
CreateDirectoryW
GetDiskFreeSpaceExW
SetCurrentDirectoryW
GetEnvironmentVariableW
CreateProcessW
OpenFileMappingW
OpenEventW
OpenMutexW
FlushViewOfFile
PeekNamedPipe
DisconnectNamedPipe
ConnectNamedPipe
CreatePipe
GetLocalTime
GetSystemTime
DeviceIoControl
WaitForMultipleObjects
ResetEvent
TryEnterCriticalSection
GetExitCodeThread
TerminateThread
GetExitCodeProcess
GlobalMemoryStatusEx
GetCurrentProcessId
GetTickCount
CreateFileW
WriteConsoleW
SetFilePointerEx
GetSystemDefaultLCID
ReadConsoleW
Sleep
SetFilePointer
WriteFile
CloseHandle
OutputDebugStringW
GetCurrentThreadId
OpenProcess
GetFileAttributesExW
GetCommandLineW
GetTempFileNameW
GetLongPathNameW
SearchPathW
FormatMessageW
LocalFree
CreateMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
ReleaseMutex
UnmapViewOfFile
LoadLibraryW
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
GetUserDefaultUILanguage
GlobalDeleteAtom
GlobalAlloc
FreeResource
GlobalFree
LocalAlloc
GlobalAddAtomW
FindResourceExW
GetUserDefaultLCID
GlobalLock
GlobalUnlock
GlobalSize
MulDiv
CopyFileW
WideCharToMultiByte
OutputDebugStringA
EncodePointer
GetSystemDirectoryW
GetModuleHandleW
GetModuleHandleExW
LoadLibraryExW
lstrcmpW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GetCurrentThread
GetVersionExW
lstrcmpA
CompareStringA
SetEvent
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
VirtualProtect
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
SetErrorMode
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
GetFileAttributesW
GetFileSize
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GlobalFlags
DeleteFileW
lstrcmpiW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetShortPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetTempPathW
GetFileTime
GetWindowsDirectoryW
GetProfileIntW
FileTimeToLocalFileTime
GetFileSizeEx
SetFileAttributesW
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
CreateThread
ExitThread
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapQueryInformation
SetStdHandle
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode

user32

EnableMenuItem
CheckMenuItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
MessageBoxW
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
IsDialogMessageW
GetWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetMenuItemInfoW
IsWindowEnabled
SetFocus
GetDlgCtrlID
GetMenuItemInfoW
EnableScrollBar
HideCaret
InvertRect
SetMenuItemBitmaps
OpenClipboard
IsZoomed
LoadImageW
SendMessageW
CheckDlgButton
SetDlgItemTextW
GetDlgItem
MoveWindow
ShowWindow
SendDlgItemMessageA
CloseClipboard
DrawIconEx
CopyImage
GetWindowLongW
IsRectEmpty
FillRect
MessageBeep
SystemParametersInfoW
PostQuitMessage
GetMessageW
TranslateMessage
ShowOwnedPopups
GetWindowThreadProcessId
SetWindowContextHelpId
MapDialogRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
IntersectRect
GetAsyncKeyState
GetKeyNameTextW
MapVirtualKeyW
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
DrawEdge
DrawFrameControl
DestroyMenu
EnableWindow
IsWindow
RegisterWindowMessageW
IsWindowVisible
PostMessageW
KillTimer
SetWindowLongW
InvalidateRect
SetTimer
GetMessagePos
ScreenToClient
GetClientRect
PtInRect
SetCursor
GetSysColor
GetDC
GetWindowRect
GetParent
ReleaseDC
InflateRect
LoadCursorW
CopyIcon
NotifyWinEvent
GetMenuCheckMarkDimensions
SetClipboardData
EmptyClipboard
UnionRect
IsMenu
UpdateLayeredWindow
SetWindowRgn
SetRectEmpty
DrawFocusRect
DestroyCursor
UnregisterClassW
AllowSetForegroundWindow
MsgWaitForMultipleObjects
SendMessageCallbackW
ExitWindowsEx
GetProcessWindowStation
DrawMenuBar
SetProcessWindowStation
CloseWindowStation
OpenWindowStationW
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenDesktopW
MsgWaitForMultipleObjectsEx
WaitForInputIdle
LoadIconW
GetTopWindow
SetActiveWindow
GetDesktopWindow
SetWindowPos
IsIconic
GetSystemMetrics
DrawIcon
RedrawWindow
EnumChildWindows
FlashWindowEx
SetForegroundWindow
UpdateWindow
LoadMenuW
GetCursorPos
ClientToScreen
SetMenuDefaultItem
GetSubMenu
RemovePropW
GetPropW
SetPropW
TrackMouseEvent
OffsetRect
DrawStateW
CopyRect
GetFocus
LoadBitmapW
DestroyIcon
MapWindowPoints
SetRect
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
MonitorFromPoint
RealChildWindowFromPoint
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetParent
CharUpperW
GetSystemMenu
DeleteMenu
ModifyMenuW
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongPtrW
IsClipboardFormatAvailable
CharNextW
InvalidateRgn
SetCursorPos
GetDoubleClickTime
GetMenuDefaultItem
GetUpdateRect
FrameRect
GetComboBoxInfo
CharUpperBuffW
GetWindowRgn
CreateMenu
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
GetIconInfo

gdi32

GetBitmapDimensionEx
GetTextFaceW
SetPixelV
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
LPtoDP
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
GetCurrentObject
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetDIBits
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextJustification
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
BitBlt
CreateBitmap
SetTextColor
SetBkColor
GetObjectType
CreateCompatibleDC
CreateDCW
CopyMetaFileW
CreateFontW
CreatePen
Rectangle
RoundRect
SelectObject
DeleteObject
GetDeviceCaps
GetTextMetricsW
CreateSolidBrush
DeleteDC
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
GetStockObject

msimg32

GradientFill
AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
RegOpenKeyExW
RegQueryInfoKeyW
SetEntriesInAclW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
ChangeServiceConfigW
CreateProcessAsUserW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
OpenEventLogW
CloseEventLog
BackupEventLogW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
CheckTokenMembership
OpenProcessToken
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderPathW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation

shlwapi

PathFindExtensionW
PathIsFileSpecW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
StrToIntW

uxtheme

GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetThemeSysColor
GetCurrentThemeName
GetThemeColor

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
OleDraw
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CreateILockBytesOnHGlobal

oleaut32

OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayCreate
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
OleLoadPictureFile
OleSavePictureFile
SafeArrayDestroy
SafeArrayGetDim

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageI
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipLoadImageFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipGraphicsClear
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipBitmapSetResolution
GdipCreateBitmapFromResource
GdipFree

psapi

GetModuleBaseNameW
EnumProcesses
GetModuleFileNameExW
EnumProcessModules

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

secur32

GetUserNameExW

Exports

Exports

CreateUIInstance
DestroyUIInstance

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 877KB - Virtual size: 877KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1e15f2ff50592942b11dfcf3d64aca9

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

psapi

oleacc

imm32

winmm

version

secur32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 877KB - Virtual size: 877KB

.data Size: 47KB - Virtual size: 104KB

.pdata Size: 105KB - Virtual size: 104KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 77KB - Virtual size: 76KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 877KB - Virtual size: 877KB

.data
Size: 47KB - Virtual size: 104KB

.pdata
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 77KB - Virtual size: 76KB