a882edec9282b772fed716f3e1d1204b37712c2c99f1423257fd2ea723c32fc9

Sharing

Copy URL Twitter E-mail

General

Target

a882edec9282b772fed716f3e1d1204b37712c2c99f1423257fd2ea723c32fc9
Size

4.2MB
MD5

790fb7473be73627c6a86aeedce9ea5c
SHA1

a4f8cbb650302af14fbbfeed16deb55775fa8b70
SHA256

a882edec9282b772fed716f3e1d1204b37712c2c99f1423257fd2ea723c32fc9
SHA512

03dc98e403a393ed060871e1b603bd99db3c97515c77dd2b89fa23c4c14757bef6485d66b82533c92e723924cdba1a1d67da3b620bf880ce0ef0a04b2019a32f
SSDEEP

49152:AoEZqoSaqXTESEbxfXDljtXNhvIw49k5/tVRCg7cOLVsPZBIv5:AoEs/MDlqXkJD7QxBIv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a882edec9282b772fed716f3e1d1204b37712c2c99f1423257fd2ea723c32fc9

Files

a882edec9282b772fed716f3e1d1204b37712c2c99f1423257fd2ea723c32fc9
.dll windows:6 windows x64 arch:x64

e2a5a14622ee93ae6748125bc46f9f6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ImageList_Destroy
ImageList_Replace
ImageList_Create
ImageList_SetImageCount
_TrackMouseEvent
ImageList_GetIconSize
InitCommonControlsEx
ord380

shell32

ord74
ord88
ShellExecuteW

shlwapi

StrCmpLogicalW
SHAutoComplete
StrCmpIW
ord12

gdiplus

GdipFree
GdipCreateSolidFill
GdipCloneBrush
GdipCreatePen1
GdipDeletePen
GdipSetSmoothingMode
GdipAlloc
GdipDeleteBrush
GdipBitmapUnlockBits
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipClosePathFigure
GdipFillPath
GdipDrawPath
GdipFillPolygon
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdiplusShutdown
GdipDrawLineI
GdipSetClipRectI
GdipCreateLineBrushFromRectI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectRectI
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdipBitmapLockBits

shared

uSetDlgItemText
uGetOpenFileName
uDragQueryFile
uChooseColor
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uMessageBox
stricmp_utf8_partial
uExtTextOut
uGetTextExtentPoint32
uTabCtrl_InsertItem
uGetWindowText
uCharLower
uSendMessageText
uTreeView_InsertItem
uFixAmpersandChars
uShellNotifyIconEx
stricmp_utf8_max
uFormatSystemErrorMessage
uModifyMenu
uGetMenuString
uGetMenuItemType
uTabCtrl_SetItem
FindOwningPopup
uSendDlgItemMessageText
uDragQueryFileCount
ModalDialog_Switch
GetInfiniteWaitEvent
uGetFullPathName
uGetFileAttributes
uGetModuleFileName
uShellNotifyIcon
stricmp_utf8_ex
uSetWindowText
uGetDlgItemText
uLoadImage
stricmp_utf8
uAppendMenu
??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
uPrintCrashInfo_OnEvent
uBugCheck
uFixAmpersandChars_v2
uStringCompare

uxtheme

GetThemePartSize
GetThemeMargins
CloseThemeData
DrawThemeText
IsThemeActive
IsAppThemed
GetThemeTextExtent
SetWindowTheme
IsThemePartDefined
GetThemeColor
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeBackground
OpenThemeData
EnableThemeDialogTexture

dwmapi

DwmSetWindowAttribute

usp10

ScriptFreeCache
ScriptStringFree
ScriptStringAnalyse
ScriptString_pcOutChars
ScriptStringGetLogicalWidths
ScriptString_pSize
ScriptStringOut
ScriptString_pLogAttr
ScriptApplyDigitSubstitution
ScriptRecordDigitSubstitution

windowscodecs

WICConvertBitmapSource

kernel32

LCMapStringW
CompareStringW
ExitProcess
SetConsoleCtrlHandler
GetFileType
SetStdHandle
ResumeThread
ExitThread
HeapQueryInformation
HeapSize
HeapReAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwindEx
TerminateProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcessAffinityMask
VirtualFree
GetCurrentProcess
DuplicateHandle
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetCurrentProcessorNumberEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateThread
SignalObjectAndWait
InitializeSListHead
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
LoadLibraryExW
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetSystemTimeAsFileTime
FlushProcessWriteBuffers
CreateEventExW
SetThreadPriority
GetCurrentThread
CloseHandle
WaitForSingleObject
SetLastError
GetLastError
GetTickCount
GetUserDefaultLCID
FindResourceW
SizeofResource
LoadResource
LockResource
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
GetProcAddress
FreeLibrary
OutputDebugStringW
GetCurrentThreadId
FormatMessageW
IsDebuggerPresent
MulDiv
CompareStringEx
GetLocalTime
QueryPerformanceCounter
QueryPerformanceFrequency
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcessId
GetModuleHandleExW
GlobalAlloc
GlobalUnlock
GlobalFree
GetModuleFileNameA
CreateSemaphoreExW
HeapFree
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
HeapAlloc
CreateMutexExW
GetProcessHeap
GetModuleHandleW
DebugBreak
InitializeCriticalSectionEx
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SwitchToThread
GetLocaleInfoEx
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
InitOnceBeginInitialize
RtlPcToFileHeader
TryAcquireSRWLockExclusive
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
IsProcessorFeaturePresent
GlobalSize
GetTimeFormatW
GetDateFormatW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetTickCount64
RaiseException
GetThreadPriority
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
Sleep
SetEvent
CreateEventW
WriteConsoleW
EnumSystemLocalesW
GetStdHandle
IsValidLocale
SetFilePointerEx
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetTimeZoneInformation
FlushFileBuffers
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
GlobalLock

user32

SetClipboardData
CloseClipboard
RealChildWindowFromPoint
SetCursor
DrawIconEx
GetParent
TrackPopupMenuEx
GetUpdateRect
BeginDeferWindowPos
IsWindowEnabled
GetPropW
SetDlgItemInt
GetWindowPlacement
EnumChildWindows
GetDlgCtrlID
IsClipboardFormatAvailable
RegisterClassW
GetNextDlgTabItem
ChildWindowFromPoint
WindowFromDC
GetCapture
SystemParametersInfoW
ScrollWindowEx
SetScrollInfo
EmptyClipboard
SetActiveWindow
GetWindowThreadProcessId
LoadCursorW
SetCapture
GetClassNameW
MonitorFromWindow
ChildWindowFromPointEx
GetMonitorInfoW
MonitorFromPoint
ClientToScreen
SetMenuItemInfoW
InsertMenuW
GetMenuItemCount
GetCursorPos
SetForegroundWindow
GetAsyncKeyState
GetKeyState
DeregisterShellHookWindow
RegisterShellHookWindow
RegisterWindowMessageW
WindowFromPoint
DestroyWindow
IsChild
IsWindow
OpenClipboard
EnumWindows
IsIconic
UnregisterClassW
GetScrollInfo
SetWindowPlacement
MessageBoxW
DrawTextW
InvalidateRect
DrawEdge
GetDoubleClickTime
UpdateWindow
EndDeferWindowPos
ReleaseCapture
DeferWindowPos
CreateDialogParamW
DialogBoxParamW
DrawFocusRect
EqualRect
GetClipboardData
GetIconInfo
GetMenuItemID
GetMenuState
GetSubMenu
CheckMenuRadioItem
UnhookWindowsHookEx
DispatchMessageW
SetWindowTextW
SetTimer
KillTimer
SetFocus
GetFocus
InsertMenuItemW
PostMessageW
GetAncestor
SetWindowLongW
GetWindowLongW
GetDlgItemInt
IntersectRect
GetWindow
MapWindowPoints
GetTopWindow
FillRect
SetLayeredWindowAttributes
GetLayeredWindowAttributes
IsWindowVisible
LoadImageW
GetMessagePos
BeginPaint
EndPaint
PtInRect
GetSystemMetrics
InflateRect
DrawTextExW
GetWindowTextW
GetWindowTextLengthW
RegisterClipboardFormatW
ScreenToClient
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetSysColorBrush
SendDlgItemMessageW
EndDialog
GetDlgItem
DestroyIcon
GetClientRect
GetDC
ReleaseDC
GetWindowRect
EnableWindow
CallWindowProcW
GetWindowLongPtrW
DefWindowProcW
GetComboBoxInfo
SetWindowLongPtrW
CreateWindowExW
RedrawWindow
GetSysColor
SendMessageW
SetWindowPos
SetParent
ShowWindow
TranslateMessage
ValidateRect
PostQuitMessage
GetMessageW
SetWindowsHookExW
CallNextHookEx
PostThreadMessageW
CharLowerW
MapDialogRect
GetMenuItemInfoW

gdi32

SetBkColor
SelectObject
GetObjectW
GetTextExtentPoint32W
OffsetWindowOrgEx
GetBkMode
CombineRgn
CreateRectRgnIndirect
SetPixel
SetTextAlign
SetTextColor
GetPixel
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreateSolidBrush
CreateDIBSection
GdiFlush
CreatePen
SetBkMode
ExcludeClipRect
MoveToEx
LineTo
GetDeviceCaps
GetTextColor
EnumFontFamiliesExW
GdiAlphaBlend
ExtTextOutW
SetWindowOrgEx
GetStockObject
Rectangle
CreateDIBitmap
BitBlt
CreateFontIndirectW
GetTextMetricsW
DeleteObject

comdlg32

ChooseFontW

ole32

RegisterDragDrop
CoCreateFreeThreadedMarshaler
CoUninitialize
CoInitializeEx
OleGetClipboard
OleSetClipboard
OleInitialize
OleUninitialize
CoCreateInstance
ReleaseStgMedium
RevokeDragDrop

urlmon

CopyStgMedium

oleaut32

GetErrorInfo
SetErrorInfo
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2a5a14622ee93ae6748125bc46f9f6f

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shell32

shlwapi

gdiplus

shared

uxtheme

dwmapi

usp10

windowscodecs

kernel32

user32

gdi32

comdlg32

ole32

urlmon

oleaut32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 381KB - Virtual size: 380KB

.data Size: 62KB - Virtual size: 79KB

.pdata Size: 98KB - Virtual size: 98KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 381KB - Virtual size: 380KB

.data
Size: 62KB - Virtual size: 79KB

.pdata
Size: 98KB - Virtual size: 98KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 19KB - Virtual size: 19KB