78f3ffe8337fba8805c6b178539bde2f

Sharing

Copy URL Twitter E-mail

General

Target

78f3ffe8337fba8805c6b178539bde2f
Size

244KB
MD5

78f3ffe8337fba8805c6b178539bde2f
SHA1

2ddf26c943beeed9f165d38874282895ccfe3a35
SHA256

999e147de504dc61841c3ecf3c0cd3a25e9b36d63d832b7162051b1b4080ff82
SHA512

0884597315d18412e9439406891544ace02b59fb4e3ea4ff711cf9bf2bb41e6fa5ed2a0121a9453dd77a87a9dfe4467d8ceb0595a77aab8ffb817beda6cb76b0
SSDEEP

6144:KLQBAJJOduf3F7D63ugiROnwgh5O1We+b2uV/S5z:MTJ/3F7G3Lue+S/sz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78f3ffe8337fba8805c6b178539bde2f

Files

78f3ffe8337fba8805c6b178539bde2f
.dll windows:4 windows x86 arch:x86

67a1d93dfac674ebf0d814968e07743c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
Escape
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DeleteObject
DPtoLP
CreateCompatibleDC
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
RectVisible

shlwapi

PathFindFileNameW

user32

GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
EnableWindow
SendDlgItemMessageW
GetActiveWindow
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
WinHelpW
DefWindowProcW
CharToOemBuffA
CallNextHookEx
SendMessageTimeoutW
FindWindowW
PeekMessageW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellExecuteExW

msvcrt

memmove
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
wcstod
wcslen
wcscoll
wcscmp
setlocale
_XcptFilter
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit

ole32

CLSIDFromString
CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetUserType
OleUninitialize
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID

comdlg32

ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

kernel32

LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
LoadLibraryExW
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
lstrcmpW
lstrlenW
TerminateProcess
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
AddAtomW

Exports

Exports

BindTexture2D
CreateProgress
EnumBaseImageDataPropertyRelease
EventDestroy
GetAvailableRoboDrivers
GetDeviceOption
GetImageDataInfo
GetLastErrors
Launch
MemcpyToArrayAsync

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67a1d93dfac674ebf0d814968e07743c

Headers

File Characteristics

Imports

gdi32

shlwapi

user32

advapi32

shell32

msvcrt

ole32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB