5393d97f3262cdad8fc9076a6589e5aacddd6b12820b8dd16762a2e92e58fc85

Sharing

Copy URL Twitter E-mail

General

Target

5393d97f3262cdad8fc9076a6589e5aacddd6b12820b8dd16762a2e92e58fc85
Size

3.1MB
MD5

2c4866cf6b68d98bd717e364169e6279
SHA1

0be00abd768610eac2e5d6fe9410ecd127bd29d4
SHA256

5393d97f3262cdad8fc9076a6589e5aacddd6b12820b8dd16762a2e92e58fc85
SHA512

446373cf947024f872767e5b7fee32cb46e171ba60807eed4d1301031409429a96b3a0a62591afa4177887beb3cd598f60b3bdda8d3341d8613a6279b8919503
SSDEEP

98304:4LjH9h3Wbb/YbB9OHCBExZsLsbh5VEydktscTvKPpIdjZaMLtmNJ9H5al:Q9OHpsOHZcSZMRmNJ9Z+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5393d97f3262cdad8fc9076a6589e5aacddd6b12820b8dd16762a2e92e58fc85

Files

5393d97f3262cdad8fc9076a6589e5aacddd6b12820b8dd16762a2e92e58fc85
.dll windows:5 windows x86 arch:x86

a33c32b5ab8e943fe1676b1e0b759a74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableA
CreateFileMappingA
MapViewOfFile
GetConsoleMode
GetCurrentDirectoryW
GetProcessHeap
GetDriveTypeW
GetExitCodeProcess
CreatePipe
CreateProcessA
GetDateFormatA
GetTimeFormatA
FindNextFileA
ReleaseMutex
CreateFileW
GetComputerNameA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WaitForMultipleObjects
GetOverlappedResult
CancelIo
QueryPerformanceFrequency
CreateDirectoryW
DeviceIoControl
GetSystemDirectoryA
OutputDebugStringA
ResetEvent
SleepEx
QueueUserAPC
WriteConsoleW
IsValidLocale
GetConsoleCP
EnumSystemLocalesA
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetStringTypeW
IsValidCodePage
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
SetHandleCount
IsProcessorFeaturePresent
GetLocaleInfoW
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapQueryInformation
HeapSize
CreateThread
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
GetCommandLineA
RaiseException
EncodePointer
DecodePointer
RtlUnwind
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
GetTickCount
GetACP
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
GetTempPathA
GetTempFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
FindResourceA
FreeResource
GlobalFindAtomA
lstrcmpW
DeleteFileA
GlobalFlags
GetVersionExA
lstrcpyA
GetSystemDirectoryW
LoadLibraryW
GetCurrentDirectoryA
FileTimeToSystemTime
GlobalGetAtomNameA
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
CreateEventA
SetEvent
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
lstrcmpA
GetModuleHandleW
GetProcAddress
FreeLibrary
InterlockedExchange
WaitForSingleObject
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
CreateFileA
CloseHandle
Sleep
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
FindResourceW
LoadResource
LockResource
CreateMutexA
SizeofResource
UnmapViewOfFile

user32

GetSystemMenu
LoadMenuW
IntersectRect
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
KillTimer
SetTimer
InvalidateRect
SetCapture
LoadMenuA
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
EndPaint
BeginPaint
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
GetWindowDC
ClientToScreen
RemoveMenu
GetSubMenu
GetMenuItemCount
RegisterDeviceNotificationA
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
ReleaseCapture
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
CopyRect
DeleteMenu
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterDeviceNotification
wsprintfA
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
ShowOwnedPopups
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
CopyImage
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
UpdateWindow
GetWindowLongA
GetWindowThreadProcessId
UnhookWindowsHookEx
UnregisterClassA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
GetMenuDefaultItem
OpenClipboard
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
GetNextDlgGroupItem
HideCaret
InvertRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetIconInfo
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
CloseClipboard
GetDesktopWindow
SetClipboardData

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SelectPalette
GetObjectType
CreateHatchBrush
GetTextExtentPoint32A
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
PatBlt
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetRectRgn
DPtoLP
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
CreatePatternBrush
CreateSolidBrush
CreatePen
GetStockObject
CreateDIBitmap
CreateBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExA

shell32

DragQueryFileA
SHGetDesktopFolder
DragFinish
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ImageList_GetIconSize

ole32

RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree

oleaut32

SysStringLen
SysAllocStringLen
SysFreeString
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
VariantInit
SysAllocString
VariantChangeType

ws2_32

htonl

gdiplus

GdipSetInterpolationMode
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

shlwapi

PathIsRelativeA
PathIsDirectoryA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

winmm

PlaySoundA

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

Exports

Exports

CameraInit
CameraPlay
CameraStop
CameraUpdate
DisplayImage
EnableTestMode
SaveParams
StartVideo

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mvp0
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a33c32b5ab8e943fe1676b1e0b759a74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

ws2_32

gdiplus

oleacc

imm32

shlwapi

winmm

setupapi

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 768KB - Virtual size: 768KB

.data Size: 69KB - Virtual size: 163KB

.mvp0 Size: 155KB - Virtual size: 155KB

.reloc Size: 323KB - Virtual size: 323KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 768KB - Virtual size: 768KB

.data
Size: 69KB - Virtual size: 163KB

.mvp0
Size: 155KB - Virtual size: 155KB

.reloc
Size: 323KB - Virtual size: 323KB

.rsrc
Size: 12KB - Virtual size: 12KB