c361165111e90d782716aca420aad62d

Sharing

Copy URL Twitter E-mail

General

Target

c361165111e90d782716aca420aad62d
Size

1.4MB
MD5

c361165111e90d782716aca420aad62d
SHA1

946c7c1bb52a251dff4c30658655b53146d917a7
SHA256

ad9c1dd530c788fe72d8dad6b962d2ac41162b1c467f8098ddf945b96abd09fd
SHA512

b7e18e5c75aaff120b112e838030144a31f34cc21bbfbe0ed3a2a1988f264fc87d28750bfb8baa484b6a2dfe4d72879fd46bb7e99d119d966824c0f97f792097
SSDEEP

24576:H9SrscfZBTVlvDXDX2UB8AQDAcz6dKNpnDn8Z:6ZfyUBMrzxDna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c361165111e90d782716aca420aad62d

Files

c361165111e90d782716aca420aad62d
.exe windows:5 windows x86 arch:x86

b7dd2fb4f9a51d31a8c597ee0ed1e6a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\code32\Mains\dfxui\MtStaticRt\dfxui.pdb

Imports

kernel32

InitializeCriticalSection
FormatMessageA
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LockFile
UnlockFile
GetFileSize
AreFileApisANSI
WaitForSingleObject
SetCurrentDirectoryW
RemoveDirectoryW
lstrcmpW
GetCurrentDirectoryW
CopyFileW
LoadLibraryW
LockFileEx
GetTempPathA
GetSystemDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceW
InterlockedIncrement
InterlockedDecrement
GetVersionExW
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetStartupInfoW
GetTickCount
GetSystemInfo
CreateDirectoryW
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
SetFileTime
GetFileTime
GetSystemTime
GetTimeZoneInformation
FileTimeToSystemTime
CreateFileW
GetModuleFileNameW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
SetThreadPriority
GetCurrentThread
GetExitCodeThread
CreateThread
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetDriveTypeW
DeleteFileW
ReleaseMutex
HeapAlloc
HeapFree
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
RaiseException
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
ReadFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
VirtualAlloc
FreeLibrary
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
GetDriveTypeA
GetFullPathNameA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExpandEnvironmentStringsA
SetEnvironmentVariableW
Sleep
CreateProcessW
CloseHandle
GetLastError
HeapReAlloc
CreateMutexW

user32

EnableMenuItem
SendDlgItemMessageW
IsDlgButtonChecked
EnableWindow
CheckDlgButton
SetMenuItemInfoW
SetDlgItemTextW
GetClientRect
GetDesktopWindow
GetWindowTextW
CreateDialogParamW
SetWindowLongW
GetWindowLongW
GetDlgItemTextW
SetCursor
EndDialog
GetDlgItem
SetCapture
wsprintfW
BringWindowToTop
GetSystemMetrics
GetWindowPlacement
SetWindowPlacement
ReleaseCapture
GetWindowRect
MoveWindow
SendMessageW
TrackMouseEvent
InvalidateRect
CreatePopupMenu
GetCursorPos
TrackPopupMenu
DestroyMenu
KillTimer
SetTimer
IsIconic
IsWindowVisible
AdjustWindowRect
SetForegroundWindow
AppendMenuW
DispatchMessageW
DefWindowProcW
UpdateWindow
MessageBoxW
CreateWindowExW
ShowWindow
MessageBoxA
RegisterWindowMessageW
SendMessageTimeoutW
GetAsyncKeyState
SetWindowRgn
SetWindowTextW
SetFocus
ScreenToClient
GetDC
SetRect
ReleaseDC
LoadStringW
RegisterClassExW
LoadAcceleratorsW
TranslateMessage
BeginPaint
LoadCursorW
LoadImageW
GetMessageW
TranslateAcceleratorW
DestroyWindow
PostQuitMessage
PostMessageW
FindWindowW
SetWindowPos
EndPaint

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

ole32

CoCreateInstance
CoCreateGuid
PropVariantClear
CoInitialize
CoUninitialize
CoTaskMemFree

winmm

mmioCreateChunk
mmioSeek
mmioSetInfo
mmioAdvance
mmioWrite
mmioFlush
mmioClose
mmioOpenW
mmioGetInfo
mmioDescend
mmioRead
mmioAscend
PlaySoundW

comctl32

InitCommonControlsEx

gdi32

ExtTextOutW
CreateFontW
SetTextAlign
SetBkMode
SetTextColor
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CreatePolygonRgn
GetObjectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW

wininet

InternetSetStatusCallbackW
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetGetConnectedState
InternetOpenW

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

Sections

.text
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7dd2fb4f9a51d31a8c597ee0ed1e6a8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

winmm

comctl32

gdi32

comdlg32

shell32

wininet

oleaut32

Sections

.text Size: 848KB - Virtual size: 847KB

.rdata Size: 176KB - Virtual size: 176KB

.data Size: 13KB - Virtual size: 126KB

.rsrc Size: 184KB - Virtual size: 184KB

.reloc Size: 51KB - Virtual size: 51KB

.text
Size: 848KB - Virtual size: 847KB

.rdata
Size: 176KB - Virtual size: 176KB

.data
Size: 13KB - Virtual size: 126KB

.rsrc
Size: 184KB - Virtual size: 184KB

.reloc
Size: 51KB - Virtual size: 51KB