7641ec74bf97e210868a9ba25646b05f

Sharing

Copy URL Twitter E-mail

General

Target

7641ec74bf97e210868a9ba25646b05f
Size

264KB
MD5

7641ec74bf97e210868a9ba25646b05f
SHA1

1b389ace68cb128374ba4bbec3dd22fd998fe5d2
SHA256

4abb14a06ea4e5ada636c8bcebbae9767ad6edbc768b3ff8319e2b304c190870
SHA512

b234ab5d4530ba8502d9481461ca3cfc1de5e5a3289029e6b8a2f910db70fad281c8e734160f4395bbcdb7213980d7209b21211dd9500999f9d6b65f39098f5f
SSDEEP

6144:iBs2W0sEG5apeV3s05MsUnKkvvcO7PF2OpCm6n4PZtQ1zJ:ieqYV9tGoOD6GZtQ1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7641ec74bf97e210868a9ba25646b05f

Files

7641ec74bf97e210868a9ba25646b05f
.dll windows:4 windows x86 arch:x86

8e8727e6734c0ffbdd23216f7b31ddd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

shell32

SHLoadNonloadedIconOverlayIdentifiers
SHGetSpecialFolderLocation
SHGetMalloc
SHFreeNameMappings
SHExtractIconsW
DragAcceptFiles
CommandLineToArgvW

ddraw

DirectDrawCreate
GetDDSurfaceLocal
DirectDrawCreateEx
DirectDrawCreateClipper

oleaut32

VariantInit
VarUI1FromR8
VarBoolFromStr
SysStringLen
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi

comctl32

ord17

gdi32

SetViewportOrgEx
SelectObject
SetBkMode
SetGraphicsMode
RestoreDC
ScaleWindowExtEx
ModifyWorldTransform
GetStockObject
GetObjectA
GetDeviceCaps
GetClipBox
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectA
SetWindowOrgEx
SetTextColor
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBPatternBrush

kernel32

LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
MulDiv
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection

user32

BeginPaint
CharNextA
CreateAcceleratorTableA
CreateWindowExA
DefWindowProcA
DestroyAcceleratorTable
DialogBoxIndirectParamA
EnableWindow
EndDialog
EndPaint
FillRect
FrameRect
GetActiveWindow
GetClassInfoExA
GetClassNameA
GetClientRect
GetClipCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetMouseMovePointsEx
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
InvalidateRgn
IsWindow
IsWindowVisible
LoadCursorA
LoadStringA
MessageBoxA
PtInRect
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetFocus
SetSysColors
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
TrackMouseEvent
UpdateLayeredWindow
wsprintfA

Exports

Exports

CheckTextureRequirements
CreateEffectFromResourceW
DocStopFeedLoad
FillVolumeTextureTX
LoadPRTBufferFromFileA
MatrixTranspose
RectPatchSize
StopFeedLoad

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e8727e6734c0ffbdd23216f7b31ddd5

Headers

File Characteristics

Imports

advapi32

shell32

ddraw

oleaut32

comctl32

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 42KB - Virtual size: 43KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 42KB - Virtual size: 43KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 2KB - Virtual size: 1KB