59ffc7f9003fa26d4f5dfad7f945a903

Sharing

Copy URL

Twitter E-mail

General

Target

59ffc7f9003fa26d4f5dfad7f945a903
Size

268KB
MD5

59ffc7f9003fa26d4f5dfad7f945a903
SHA1

43b802c140c5b2016bfe849acec4318c3b197882
SHA256

764e0b40d5d38e0d19a2ce2db48561b4eed43bca2d6192b30448eecd899ca4fd
SHA512

59241bad8d87d09a0ecd15a06522b003bf11cd658c2888103e01f1d31bbaba760bb6713338abd0b1938af3c838d1e72aef51e7bb2cbe822f3f4cea117f5ab444
SSDEEP

6144:0zafNZTeGSwQEzh++7yAm3fDWthY7BUcjbVS8NhinhUs3gRA:fTenqTMSt+1UcjbVTIh1QRA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59ffc7f9003fa26d4f5dfad7f945a903

Files

59ffc7f9003fa26d4f5dfad7f945a903
.dll windows:4 windows x86 arch:x86

80af80f4417a5219a5b4216a2f2aec20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetRectRgn
SelectBrushLocal
SetWindowOrgEx
SetGraphicsMode
SaveDC
RestoreDC
ModifyWorldTransform
GetStockObject
SetBkMode
SelectObject
GetObjectA
GetDeviceCaps
DeleteObject
DPtoLP
CreateSolidBrush
CreateFontIndirectA
SetTextColor
CreateCompatibleBitmap

kernel32

GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
GetModuleHandleA
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
InterlockedIncrement

oleaut32

VariantInit
VariantClear
VarUI4FromStr
VarBstrFromI2
SysStringLen
SysStringByteLen
SysAllocStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
DispGetIDsOfNames
BSTR_UserFree

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHFreeNameMappings
SHExtractIconsW
SHBindToParent
DragAcceptFiles

ddraw

DDInternalLock
DDInternalUnlock

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA

comctl32

ord17

user32

BeginPaint
CallWindowProcA
CharNextA
CreateAcceleratorTableA
CreateWindowExA
DestroyAcceleratorTable
DestroyWindow
DialogBoxIndirectParamA
EnableScrollBar
EnableWindow
EndDialog
EndPaint
FillRect
GetClassInfoExA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InSendMessage
InvalidateRect
InvalidateRgn
IsChild
IsWindow
LoadCursorA
LoadStringA
MapDialogRect
MessageBoxA
PtInRect
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
UnregisterClassA
wsprintfA

Exports

Exports

CreateCubeTextureFromResourceW
CreateEffectFromResourceExA
CreateLine
CreatePRTEngine
LoadSurfaceFromResourceW
MatrixOrthoOffCenterLH
Vec3Unproject
mpegInNew

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80af80f4417a5219a5b4216a2f2aec20

Headers

File Characteristics

Imports

gdi32

kernel32

oleaut32

shell32

ddraw

advapi32

comctl32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 138KB - Virtual size: 138KB

.data Size: 42KB - Virtual size: 43KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 138KB - Virtual size: 138KB

.data
Size: 42KB - Virtual size: 43KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 2KB - Virtual size: 1KB