8dbe69bb47699b55e5dfa4efe970c07d6a7a9dc56fc096e87077889c5d153dc8

Sharing

Copy URL Twitter E-mail

General

Target

8dbe69bb47699b55e5dfa4efe970c07d6a7a9dc56fc096e87077889c5d153dc8
Size

2.0MB
MD5

e4365bed96d89c6bccad63f2541615ad
SHA1

9ad727317b97964b3c449370a4e8ffa38f628600
SHA256

8dbe69bb47699b55e5dfa4efe970c07d6a7a9dc56fc096e87077889c5d153dc8
SHA512

3c4bac156008b0cc1534c999a4cf7244e0fd33d4ec7d8d34bb37817c282cde1040e75647bb6700f9fe3677a3dc7405471eb8e521228d71dac3a1e22416b994a5
SSDEEP

49152:EhAqxTVklMRnVwB7aNXBBN5tfxPJygvs+BnghTBgr:yNxTylGwB7cN5tfxPJyg0+Bng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dbe69bb47699b55e5dfa4efe970c07d6a7a9dc56fc096e87077889c5d153dc8

Files

8dbe69bb47699b55e5dfa4efe970c07d6a7a9dc56fc096e87077889c5d153dc8
.dll windows:6 windows x86 arch:x86

21335f2ddd51537a78258e651b2fb3d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetStdHandle
QueryPerformanceFrequency
GetCommandLineW
GetFileAttributesExW
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
GetSystemTimeAsFileTime
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameA
SearchPathA
GetProfileIntA
GetTickCount
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
GetCurrentDirectoryA
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalGetAtomNameA
CompareStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
SetEvent
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LoadLibraryExW
FreeLibrary
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
lstrcmpA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
lstrcmpiA
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetCurrentProcessId
SetLastError
CopyFileA
FormatMessageA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
MultiByteToWideChar
ReleaseMutex
FlushFileBuffers
CreateFileW
CreateMutexA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateThread
CancelIo
WaitForSingleObject
GetVersionExA
FindClose
FindFirstFileA
GetFileAttributesA
CreateDirectoryA
GetTempPathA
CreateFileA
GetVolumeInformationA
LocalAlloc
LocalFree
WriteFile
GetOverlappedResult
ReadFile
ClearCommError
SetCommState
GetCommState
SetCommTimeouts
CreateEventA
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
CloseHandle
GetLastError
GetFileSize
GetCommandLineA
WriteConsoleW

user32

SetCapture
GetNextDlgGroupItem
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
LoadImageW
InvalidateRect
TrackMouseEvent
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
DestroyIcon
RealChildWindowFromPoint
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
CopyRect
ReleaseCapture
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
FrameRect
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DrawEdge
UnionRect
UpdateLayeredWindow
MessageBoxA
SendMessageA
UnregisterClassA
GetMenuStringA
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadCursorA
WindowFromPoint
DrawFocusRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
MapWindowPoints
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
CharUpperA
GetSystemMetrics
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
LockWindowUpdate
SetFocus
GetFocus
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
GetWindow
IsDialogMessageA
GetDesktopWindow
UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
DrawStateA
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
DrawIcon
CopyIcon
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
IsIconic

gdi32

DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
DeleteDC
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectA
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCA
IntersectClipRect
CopyMetaFileA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage

shlwapi

PathIsUNCA
PathStripToRootA
UrlUnescapeA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindExtensionA

uxtheme

DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize

ole32

OleLockRunning
IsAccelerator
OleTranslateAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
VariantInit
SysAllocString

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDevRegKey
SetupDiGetClassDevsA

hid

HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetNumInputBuffers
HidD_FreePreparsedData
HidD_FlushQueue
HidD_GetHidGuid

wininet

HttpQueryInfoA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionA
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetSetFilePointer

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipSetInterpolationMode
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

CloudUpDataWelding
GetWeldingInfo
InitWeldingProgress

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21335f2ddd51537a78258e651b2fb3d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

setupapi

hid

wininet

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 339KB - Virtual size: 338KB

.data Size: 23KB - Virtual size: 113KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 136KB - Virtual size: 136KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 339KB - Virtual size: 338KB

.data
Size: 23KB - Virtual size: 113KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 136KB - Virtual size: 136KB