75a287db842114608c84cd0fcf39ce49

Sharing

Copy URL Twitter E-mail

General

Target

75a287db842114608c84cd0fcf39ce49
Size

1.2MB
MD5

75a287db842114608c84cd0fcf39ce49
SHA1

28b3b77228f892bd2d7e72903dbe91623f907fdf
SHA256

5598edd4394b9d00166732bebaf9df331f6ffffd86b2b4dbf6f6ffe99d4e07a0
SHA512

52e2ae606ddf293bf31716d15fe7a0a9b1b688cc14c80d30815a5e7760ff4e88846c621f9a5645424abdbc0605ad1a71282f3a277809f2dbe390dc11905376b1
SSDEEP

24576:b9Y4jaopP+gG66iQjDaq/qT6BuQrX2qBc2j4vCTskmlJXOXxH3edHNm3Ng7OTMyq:Kp2cHAHUNg7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75a287db842114608c84cd0fcf39ce49

Files

75a287db842114608c84cd0fcf39ce49
.dll windows:4 windows x86 arch:x86

c4e972c395a94a6536723703852b507f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoW
LoadLibraryA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
ReadFile
CreateFileA
VirtualFree
GetModuleHandleA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
IsValidLocale
InitializeCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
GetProcessHeap
HeapAlloc
HeapFree
GetCommandLineA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
CreateThread
ResumeThread
WaitForMultipleObjects
GetExitCodeThread
GetSystemInfo
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
CloseHandle

user32

LoadCursorFromFileA
ReleaseDC
GetDC
CallWindowProcA
DestroyCursor
SetCursor
LoadCursorA
GetDoubleClickTime
GetIconInfo
DestroyIcon
SetCapture
ReleaseCapture
SetWindowLongW
GetWindowLongW
CallWindowProcW

gdi32

GetCharABCWidthsA
GetTextExtentPoint32A
GetGlyphOutlineA
SetBkColor
SetTextColor
SetBkMode
MoveToEx
ExtTextOutW
ExtTextOutA
CreateFontA
SetTextAlign
GetTextMetricsA
CreateDIBSection
AddFontMemResourceEx
GetObjectA
SetMapMode
DeleteObject
DeleteDC
CreateCompatibleDC
SelectObject
GetDIBits
GetCharABCWidthsW

shell32

SHGetFileInfoA

oleaut32

VariantClear

tier0

GetCPUInformation
?EnterScope@CVProfile@@QAEXPBDH0_NH@Z
g_VProfCurrentProfile
?ExitScope@CVProfile@@QAEXXZ
??0CThreadSpinRWLock@@QAE@XZ
?LockForWrite@CThreadSpinRWLock@@QAEXXZ
?UnlockWrite@CThreadSpinRWLock@@QAEXXZ
?LockForRead@CThreadSpinRWLock@@QAEXXZ
?UnlockRead@CThreadSpinRWLock@@QAEXXZ
?DevMsg@@YAXPBDZZ
DevMsg
?Lock@CThreadFastMutex@@ACEXII@Z
_AssertValidReadPtr
_AssertValidWritePtr
AssertValidStringPtr
Plat_FloatTime
Plat_IsInDebugSession
CommandLine_Tier0
Msg
Warning
Plat_DebugString
Error
g_pVCR
g_pMemAlloc
Plat_MSTime

libcef

cef_shutdown
cef_string_free
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_alloc
cef_string_list_alloc
cef_string_list_size
cef_string_list_value
cef_string_list_free
cef_browser_create_sync
cef_request_create
cef_string_map_alloc
cef_string_map_free
cef_post_data_element_create
cef_post_data_create
cef_register_scheme
cef_do_message_loop_work
cef_initialize

vstdlib

KeyValuesSystem

Exports

Exports

CreateInterface
cvar
g_pCVar

Sections

.text
Size: 756KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4e972c395a94a6536723703852b507f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

oleaut32

tier0

libcef

vstdlib

Exports

Exports

Sections

.text Size: 756KB - Virtual size: 752KB

.rdata Size: 404KB - Virtual size: 401KB

.data Size: 24KB - Virtual size: 229KB

.reloc Size: 92KB - Virtual size: 88KB

.text
Size: 756KB - Virtual size: 752KB

.rdata
Size: 404KB - Virtual size: 401KB

.data
Size: 24KB - Virtual size: 229KB

.reloc
Size: 92KB - Virtual size: 88KB